Lein Harn,Miao Fuyou

DOI: https://doi.org/10.1016/j.ipl.2014.04.006

IF: 0.851

2014-01-01

Information Processing Letters

Abstract:The (t,n) threshold secret sharing schemes (SSs) were introduced by Shamir and Blakley separately in 1979. Multilevel threshold secret sharing (MTSS) is a generalization of classical threshold SS, and it has been studied extensively in the literature. In an MTSS, shareholders are classified into different security subsets. The threshold value of a higher-level subset is smaller than the threshold value of a lower-level subset. Shareholders in each subset can recover the secret if the number of shares available is equal to or more than a threshold value. Furthermore, the share of a shareholder in a higher-level subset can be used as a share in the lower-level subset to recover the secret. Chinese Remainder Theorem (CRT) is one of popular tools used for designing SSs. For example, the Mignotte's scheme and Asmuth–Bloom's scheme are two classical (t,n) threshold SSs based on the CRT. So far, there was no CRT-based MTSS in the literature. In this paper, we propose the first MTSS based on the CRT. In our proposed scheme, one unique feature is that each shareholder needs to keep only one private share. Our proposed scheme is based on the Asmuth–Bloom's SS which is unconditionally secure.

Wu Lei,Miao Fuyou,Meng Keju,Wang Xu

DOI: https://doi.org/10.1007/s11704-021-0483-9

IF: 2.6688

2021-01-01

Frontiers of Computer Science

Abstract:Secret sharing (SS) is part of the essential tech-niques in cryptography but still faces many challenges in effi-ciency and security.Currently,SS schemes based on the Chi-nese Remainder Theorem (CRT) are either low in the infor-mation rate or complicated in construction.To solve the above problems,1) a simple construction of an ideal (t,n)-SS scheme is proposed based on CRT for a polynomial ring.Compared with Ning's scheme,it is much more efficient in generating n pairwise coprime modular polynomials during the scheme construction phase.Moreover,Shamir's scheme is also a spe-cial case of our scheme.To further improve the security,2)a common-factor-based (t,n)-SS scheme is proposed in which all shareholders share a common polynomial factor.It enables both the verification of received shares and the establishment of a secure channel among shareholders during the reconstruction phase.As a result,the scheme is resistant to eavesdropping and modification attacks by outside adversaries.

Xingxing Jia,Daoshun Wang,Daxin Nie,Xiangyang Luo,Jonathan Zheng Sun

DOI: https://doi.org/10.1016/j.ins.2018.09.024

IF: 8.1

2019-01-01

Information Sciences

Abstract:A general (t, n) secret sharing (SS) scheme with fixed threshold allows a secret to be shared without considering the time dynamic nature of the security environment. In this paper, we propose a threshold changeable secret sharing scheme whose threshold can be changed in an integer interval [t, t′] without updating the shares. In this scheme, a different threshold can be activated at any time through the public broadcast channel. At the heart of the proposed scheme is a novel matrix of primes. The validity of the share generation and secret reconstruction is provided by the Chinese Remainder Theorem (CRT). We prove the existence of the proposed matrix and present a method to efficiently construct it, which makes use of a proposed sequence of nested closed intervals generated by large co-prime numbers. We further use the structure to propose a scheme with computational security, without maintaining online dealer. Compared with previous methods, the proposed scheme has short share size and low complexity for recovery. For any changeable threshold in [t, t′], the increase in share size is at most 1t−1 of that from previous methods. Computational complexity for secret recovery is O(t), compared with O(tlog2t) of the best previous methods.

Jing Yang,Shu-Tao Xia,Xianfang Wang,Jiangtao Yuan,Fang-Wei Fu

DOI: https://doi.org/10.1109/isit57864.2024.10619659

2024-01-01

Abstract:In this paper, for the first time, we propose a new explicit hierarchical threshold secret sharing (HTSS) scheme based on the Chinese Remainder Theorem (CRT) for polynomial rings, where the participant set is divided into disjoint subsets and the threshold of a superior subset is less than the threshold of an inferior subset. In addition, we present a rigorous security analysis to show that our HTSS scheme is both perfect and ideal. Moreover, a toy example of our HTSS scheme is given to enable readers to better understand our construction. By comparison, it appears that our scheme is the first CRT-based HTSS for polynomial rings and also the first ideal and perfect CRT-based HTSS scheme, which is easier to construct than its counterpart for integer rings, where different participants hold shares of different sizes. Besides, our HTSS can also distribute shares of the same size, similar to other HTSS.

Keju Meng,Fuyou Miao,Yu Ning,Wenchao Huang,Yan Xiong,Chin-Chen Chang

DOI: https://doi.org/10.1007/s11704-019-9123-z

IF: 2.6688

2020-01-01

Frontiers of Computer Science

Abstract:If an adversary tries to obtain a secret s in a ( t, n ) threshold secret sharing (SS) scheme, it has to capture no less than t shares instead of the secret s directly. However, if a shareholder keeps a fixed share for a long time, an adversary may have chances to filch some shareholders’ shares. In a proactive secret sharing (PSS) scheme, shareholders are supposed to refresh shares at fixed period without changing the secret. In this way, an adversary can recover the secret if and only if it captures at least t shares during a period rather than any time, and thus PSS provides enhanced protection to long-lived secrets. The existing PSS schemes are almost based on linear SS but no Chinese Remainder Theorem (CRT)-based PSS scheme was proposed. This paper proposes a PSS scheme based on CRT for integer ring to analyze the reason why traditional CRT-based SS is not suitable to design PSS schemes. Then, an ideal PSS scheme based on CRT for polynomial ring is also proposed. The scheme utilizes isomorphism of CRT to implement efficient share refreshing.

Lein Harn,Fuyou Miao

2014-01-01

Abstract:In a ) , ( n t secret sharing scheme (SS), a dealer divides a secret into n shares in such a way that (a) the secret can be recovered successfully with t or more than t shares, and (b) the secret cannot be recovered with fewer than t shares. In a weighted secret sharing scheme (WSS), each share of a shareholder has a positive weight. The secret can be recovered if the overall weight of shares is equal to or larger than the threshold; but the secret cannot be recovered if the overall weight of shares is smaller than the threshold value. The ) , ( n t SS is a special type of WSSs in which the weight of all shares is the same. A shareholder having a higher weight needs to keep multiple shares if we adopt a standard ) , ( n t SS to implement a WSS. In this paper, we propose a WSS based on the Chinese Remainder Theorem (CRT) and the security of our scheme is the same as the ) , ( n t SS proposed by Asmuth and Bloom. In our proposed WSS, every shareholder including shareholders having higher weights keeps only one share. Furthermore, the modulus associated with shareholders in our proposed scheme is smaller than the modulus in all existing schemes.

Keju Meng,Fuyou Miao,Wenchao Huang,Yan Xiong

DOI: https://doi.org/10.1016/j.dam.2019.05.011

IF: 1.254

2019-01-01

Discrete Applied Mathematics

Abstract:(t,n)-Threshold secret sharing ((t,n)-SS) scheme is a fundamental cryptographic primitive. As a special (t,n)-SS, a Multi-Level threshold Secret Sharing scheme (MLSS) divides shares into different levels. Shares at higher levels can be used at lower ones but shares of lower levels are invalid at higher ones. However, MLSS is limited in applications and vulnerable to Illegal Participant (IP) attack and t-Share Capture (SC) attack. Therefore, the paper first extends the notion of MLSS to multi-group threshold secret sharing (MGSS) to accommodate wider application scenarios. In order to cope with the 2 attacks, the paper then proposes a tightly coupled MGSS scheme based on Chinese Remainder Theorem. In the scheme, a shareholder, with only one private share, is allowed to participate in secret reconstruction of different groups. Moreover, when sufficient shareholders collaborate to recover the secret in a group, they first form a tightly coupled subgroup by constructing a randomized component each so that the secret can be recovered only if each participant has valid share and actually participates in secret reconstruction. Analyses show that the proposed scheme is capable of thwarting IP and SC attacks. Besides, the scheme is more flexible and popular in applications compared with MLSS scheme.

Fuyou Miao,Yue Yu,Keju Meng,Yan Xiong,Chin-Chen Chang

DOI: https://doi.org/10.1155/2021/6678345

IF: 1.968

2021-01-01

Security and Communication Networks

Abstract:In a t , n threshold secret sharing (SS) scheme, whether or not a shareholder set is an authorized set totally depends on the number of shareholders in the set. When the access structure is not threshold, (t,n) threshold SS is not suitable. This paper proposes a new kind of SS named grouped secret sharing (GSS), which is specific multipartite SS. Moreover, in order to implement GSS, we utilize both Lagrange interpolation polynomials and Chinese remainder theorem to design two GSS schemes, respectively. Detailed analysis shows that both GSS schemes are correct and perfect, which means any authorized set can recover the secret while an unauthorized set cannot get any information about the secret.

Zhenhua Chen,Shundong Li,Youwen Zhu,Jianhua Yan,Xinli Xu

DOI: https://doi.org/10.1002/sec.1283

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:There are many researches on the polynomial-based verifiable (k, n) multi-secret sharing scheme (VMSSS), but none of them focuses on the Chinese remainder theorem (CRT)-based VMSSS so far. For the first time, we provide a cheater identifiable multi-secret sharing scheme based on CRT as an alternative method for VMSSS, which is unconditionally secure when the number of cheaters t <= (k - 1)/3. We adopt an encoding method, which makes multiple secrets to be transferred as a single one. In addition, we utilize a single keyed message authenticated code (MAC) to detect and identify cheaters in the reconstruction phase. Then, combine these two methods with a CRT-based Asmuth-Bloom's SSS to achieve our design goals. In our scheme, all participants share a single key of MAC rather than each participant possesses an independent key to check the validity of shares, and the size of share is independent in any of n, k, and t. Analyses show that our scheme is more efficient and secure than existing ones. Finally, as an example of the practical impact of our work, we present how our techniques can be applied to secure sum computation. Copyright (C) 2015 John Wiley & Sons, Ltd.

Lein Harn,Fuyou Miao,Chin-Chen Chang

DOI: https://doi.org/10.1002/sec.807

2014-01-01

Abstract:AbstractA t,n secret sharing scheme SS enables a dealer to divide a secret into n shares in such a way that i the secret can be recovered successfully with t or more than t shares, and ii the secret cannot be recovered with fewer than t shares. A verifiable secret sharing scheme VSS has been proposed to allow shareholders to verify that their shares are generated by the dealer consistently without compromising the secrecy of both shares and the secret. So far, there is only one secure Chinese remainder theorem-based VSS using the RSA assumption. We propose a Chinese remainder theorem-based VSS scheme without making any computational assumptions, which is a simple extension of Azimuth-Bloom t,n SS. Just like the most well-known Shamir's SS, the proposed VSS is unconditionally secure. We use a linear combination of both the secret and the verification secret to protect the secrecy of both the secret and shares in the verification. In addition, we show that no information is leaked when there are fewer than t shares in the secret reconstruction. Copyright © 2013 John Wiley & Sons, Ltd.

Rui Wang,Longlong Li,Guozheng Yang,Xuehu Yan,Wei Yan

DOI: https://doi.org/10.1109/tifs.2024.3477265

IF: 7.231

2024-10-30

IEEE Transactions on Information Forensics and Security

Abstract:The Asmuth and Bloom threshold secret sharing (AB-SS) is a classical introduction of the Chinese remainder theorem (CRT) to secret sharing, offering low computational complexity compared to other branches of secret sharing. For decades, numerous schemes have been proposed for practical applications of AB-SS, such as secret image sharing (SIS). However, in terms of security, AB-SS has proved to be neither ideal nor perfect, and its derivatives in image sharing exhibit vulnerabilities associated with secret leakage. This paper studies the security issues in the SIS schemes derived from AB-SS and improves the core sharing principle of AB-SS to enhance security in image protection. First, for -CRTSIS schemes, we exploit the vulnerability in a single share image to crack the confidential information of the original image, including secret pixel values and the ratio of different pixels. Then, by employing the XOR operation, we introduce a chain obfuscation technology and propose a secure image sharing scheme based on the Chinese remainder theorem (COxor-CRTSIS). The COxor-CRTSIS scheme utilizes integer linear programming for achieving lossless recovery without segmentation and eliminates potential secret disclosure risks without additional encryption. Furthermore, to comprehensively evaluate the security of existing schemes, this paper presents three metrics, information loss rate, fluctuation degree, and coverage rate, enabling a quantitative comparison of security for the first time. Theoretical analyses and experiments are conducted to validate the effectiveness of our scheme.

computer science, theory & methods,engineering, electrical & electronic

Xing Xing Jia,Yi Xuan Song,Dao Shun Wang,Da Xin Nie,Jin Zhao Wu

DOI: https://doi.org/10.3934/mbe.2019062

2019-01-01

Mathematical Biosciences and Engineering

Abstract:Secret sharing (SS) can be used as an important group key management technique for distributed cloud storage and cloud computing. In a traditional threshold SS scheme, a secret is shared among a number of participants and each participant receives one share. In many real-world applications, some participants are involved in multiple SS schemes with group collaboration supports thus have more privileges than the others. To address this issue, we could assign multiple shares to such participants. However, this is not a bandwidth efficient solution. Therefore, a more sophisticated mechanism is required. In this paper, we propose an efficient collaborative secret sharing (CSS) scheme specially tailored for multi-privilege participants in group collaboration. The CSS scheme between two or among more SS schemes is constructed by rearranging multi-privilege participants in each participant set and then formulated into several independent SS schemes with multi-privilege shares that precludes information leakage. Our scheme is based on the Chinese Remainder Theorem with lower recovery complexity and it allows each multi-privilege participant to keep only one share. It can be formally proved that our scheme achieves asymptotically perfect security. The experimental results demonstrate that it is efficient to achieve group collaboration, and it has computational advantages, compared with the existing works in the literature.

Keju Meng,Fuyou Miao,Wenchao Huang,Yan Xiong

DOI: https://doi.org/10.1016/j.ipl.2020.105928

IF: 0.851

2020-01-01

Information Processing Letters

Abstract:(t, n) threshold secret sharing (SS) is an important cryptographic primitive in which a secret is divided into n shares, and then any t or more shareholders can exchange shares to reconstruct the secret without help of any trusted third party. However, if an illegal participant, without any valid share, impersonates a shareholder to recover the secret with m (m >= t) legal shareholders in a traditional (t, n) threshold SS scheme, it may obtain the secret. Therefore, this paper utilizes a bivariate symmetry polynomial to propose a basic threshold changeable secret sharing (TCSS) scheme which is cheating immune and thwarts the above illegal participant attack. In the basic TCSS scheme, threshold is allowed to increase from t to the exact number of all participants during secret reconstruction. In this way, the secret can be recovered only if all the participants have valid shares. However, each shareholder has to keep t coefficients of its share. Then, an improved TCSS scheme based on both univariate polynomial and bivariate symmetry polynomial is proposed to reduce coefficients of shares for each shareholder. (C) 2020 Elsevier B.V. All rights reserved.

Guo-bao Xi,Hui-fang Chen,Wen-dao Zhao

2006-01-01

Abstract:This paper proposes Chinese Remainder Theorem-based Secret Sharing (CRTSS) scheme, a new Multicast Key Management (MKM) scheme, which adopts the Chinese remainder theorem and Shamir’s secret sharing method. With comparing and analyzing GKMP and CRTSS schemes, the results show that CRTSS scheme overcomes high rekeying cost, the defect of conventional centralized flat schemes, improves the performance. It is a new reliable centralized flat MKM scheme.

Xingxing Jia,Daoshun Wang,Yujiang Wu

DOI: https://doi.org/10.4028/www.scientific.net/amm.278-280.1945

2013-01-01

Applied Mechanics and Materials

Abstract:Publicly verifiable secret sharing schemes based on Lagrange interpolation utilize public cryptography to encrypt transmitted data and the validity of their shares can be verified by everyone, not only the participants. However, they require O(klog2k) operations during secret reconstruction phase. In order to reduce the computational complexity during the secret reconstruction phase we propose a non-interactive publicly verifiable secret sharing scheme based on the Chinese Remainder Theorem utilizing ElGamal cryptosystem to encrypt data, whonly requires O(k) operations during secret reconstruction phase. Theoretical analysis proves the proposed scheme achieves computation security and is more efficient.

Ronald Cramer,Chaoping Xing

DOI: https://doi.org/10.1007/978-3-030-45721-1_18

2020-01-01

Abstract:A blackbox secret sharing (BBSS) scheme works in exactly the same way for all finite Abelian groups G; it can be instantiated for any such group G and only black-box access to its group operations and to random group elements is required. A secret is a single group element and each of the n players' shares is a vector of such elements. Share-computation and secret-reconstruction is by integer linear combinations. These do not depend on G, and neither do the privacy and reconstruction parameters t, r. This classical, fundamental primitive was introduced by Desmedt and Frankel (CRYPTO 1989) in their context of "threshold cryptography." The expansion factor is the total number of group elements in a full sharing divided by n. For threshold BBSS with t-privacy (1 <= t <= n- 1), t + 1-reconstruction and arbitrary n, constructions with minimal expansion O(log n) exist (CRYPTO 2002, 2005). These results are firmly rooted in number theory; each makes (different) judicious choices of orders in number fields admitting a vector of elements of very large length (in the number field degree) whose corresponding Vandermonde-determinant is sufficiently controlled so as to enable BBSS by a suitable adaptation of Shamir's scheme. Alternative approaches generally lead to very large expansion. The state of the art of BBSS has not changed for the last 17 years. Our contributions are two-fold. (1) We introduce a novel, nontrivial, effective construction of BBSS based on coding theory instead of number theory. For threshold-BBSS we also achieve minimal expansion factor O(log n). (2) Our method is more versatile. Namely, we show, for the first time, BBSS that is near-threshold, i.e., r - t is an arbitrarily small constant fraction of n, and that has expansion factor O(1), i.e., individual share-vectors of constant length ("asymptotically expansionless"). Threshold can be concentrated essentially freely across full range. We also show expansion is minimal for near-threshold and that such BBSS cannot be attained by previous methods. Our general construction is based on a well-known mathematical principle, the local-global principle. More precisely, we first construct BBSS over local rings through either Reed-Solomon or algebraic geometry codes. We then "glue" these schemes together in a dedicated manner to obtain a global secret sharing scheme, i.e., defined over the integers, which, as we finally prove using novel insights, has the desired BBSS properties. Though our main purpose here is advancing BBSS for its own sake, we also briefly address possible protocol applications.

Shuai Zhang,Fuyou Miao

DOI: https://doi.org/10.1007/978-3-030-62223-7_55

2020-01-01

Abstract:Secret image sharing denotes a technique for apportioning secret images into \( n \) shadow images and preserving in \( n \) participants as the extension of secret sharing on images. Compared to Shamir’s scheme-based secret image sharing, Chinese remainder theorem-based secret imaging has the advantages as lossless recovery, no further encryption, and low recovery computation complexity. However, traditional secret sharing schemes based on the Chinese remainder theorem have shortcomings including no \( \left( {t, n} \right) \) threshold, lossy recovery, ignoring image features or further encryption. In this paper, a \( \left( {t, n} \right) \) secret image sharing scheme is suggested based on Chinese remainder theorem over a polynomial ring realizing no further encryption and lossless recovery and making the pixel values of shadow images randomly distribute \( \left[ {0, 255} \right] \). The effectiveness of the suggested scheme will be demonstrated by experiments and analyses later.

Xingxing Jia,Yusheng Guo,Xiangyang Luo,Daoshun Wang,Chaoyang Zhang

DOI: https://doi.org/10.1016/j.ins.2022.02.016

IF: 8.1

2022-01-01

Information Sciences

Abstract:The secret sharing (SS) scheme has been widely used as the de facto paradigm for group key management in cryptography and distributed computation. An SS scheme for a general access structure (GSS) has drawn more and more attention since it allows flexible access control. However, previous solutions to GSS need to either assign multiple shares to each participant or to solve a complex nonlinear integer programming. In this paper, we propose a novel strategy to address the two problems simultaneously based on the Chinese Remainder Theorem (CRT) for a polynomial ring over a finite field. We classify general access structures satisfying the monotone property into the two families of maximum forbidden subsets and minimum qualified subsets conforming to the security condition and the revealing condition. The moduli used in the scheme are pairwise coprime polynomials and can take the irreducible polynomials. To find the degrees of these polynomials, we only need to solve an integer linear programming (ILP) by minimizing the sum of the degrees of all the moduli. The proposed scheme is inherently a weighted SS scheme and may have no solution which commonly exists in all GSS schemes. To ensure a solution, we put forth a preprocessing algorithm which separates the original access structure into several subaccess structures based on graph theory. The proposed scheme only assigns a share for each participant and achieves perfect security. It has good generalization and provides a universal approach to program the scheme construction for SS schemes with general access structures, threshold access structures and weighted access structures.

Runhua Shi,Hong Zhong,Liusheng Huang

DOI: https://doi.org/10.1109/snpd.2007.416

2007-01-01

Abstract:In this article, we propose a (t,n) threshold verifiable multi-secret sharing scheme, in which to reconstruct t secrets needs to solve t simultaneous equations. The analysis results show that our scheme is as easy as Yang's scheme [8] in the secret reconstruction and requires less public values than Chien's [7] and Yang's schemes. Furthermore, the shares in our scheme can be verified their validity with t public values based on ECDLP, and there are two verified forms: one is computationally secure as Feldman's scheme [12] and other is unconditionally secure as Pedersen's scheme [13]. In addition, for the main computation: a(i,1) P-1 + a(i,2) P-2 +... + a(i,)t P-t in our scheme, we present a new method based on the signed factorial expansion and implement it, the results show that it is more efficient than the current public methods. Thus our scheme is a secure and efficient (t,n) threshold verified multi-secret sharing scheme.

Shaohua Tang

2004-01-01

Journal of Information and Computational Science

Abstract:A new secret sharing and a new threshold RSA signature scheme are presented. The secret sharing scheme is characterized by fast computation as well as simple and secure operations, since only simple addition and union operations are adopted in this algorithm. The secret is divided into N pieces, and each piece is delivered to each different participant. Any K or greater than K participants out of N can reconstruct the secret, but any (M-1) or less than (M-1) participants would fail to recover the secret, where M = ⌈N/(N-K+1)⌉. This secret sharing scheme is applied to digital signature to construct a new threshold RSA signature. Each participant should calculate the partial signature for the message by using its own piece of shadow. Any K or greater than K participants out of N can combine each partial signature to form a complete signature for the message. But any (M-1) or less than (M-1) participants would fail to calculate the complete signature. During the phases of partial signature generation and partial signature combination, the RSA private key is never reconstructed and each participant's partial secret (shadow) is not necessary to expose to others, thus the secret of the RSA private key will not be exposed. Two schemes possess the security of threshold cryptography.