An implementation of the Paillier crypto system with threshold decryption without a trusted dealer.

We consider the problem of securely generating the keys of the Paillier crypto system [11] with (t; n) threshold decryption, without a trusted dealer. Nishide and Sakurai [10] describe a solution, secure in the malicious model. We use their ideas to make a simpler solution for the semi-honest model, and further introduce a few optimisations. We implement the secure key generation protocol on a single computer, and consider its performance.