A. A. Chilikov

DOI: https://doi.org/10.24108/mathm.0122.0000262

2022-09-24

Mathematics and Mathematical Modeling

Abstract:A problem of great importance that arises in designing and implementation of a cryptosystem is countering side channel attacks. Often an appropriate mathematical algorithm, implemented on a specific physical device to work in the physical environment, becomes vulnerable to such attacks. The “function sharing” technique is a prospective and efficient way to avoid this problem. In the paper we investigate “non-complete sharing” of Boolean functions and mappings, and functions and mappings over finite fields and provide a complete description of the set of functions with n variables, which have sharing. The main findings are the following: introducing and investigating a new concept of “weak” non-complete n -sharing, establishing its connection with “weak” and “classical” n- sharing, and substantiating its advantages from the algebraic point-of-view as well as establishing and proving a criterion for the existence of weak non-complete n -sharing for an arbitrary function. The results also include an explicit description of a set of functions which have weak sharing in terms of algebraic normal form, obtaining the precise and simple descriptions for the boundary (“border”) cases: n = 2, n=m and binary fields. Applying these results to the AES S-box allows complete solving the problem, i.e. a complete answer to the question of a representability of the S-box of the AES cipher as a sharing is available. We believe that the same way can be successful for other cryptographic algorithms.

James Smith

DOI: https://doi.org/10.48550/arXiv.2211.01658

2022-11-03

Abstract:Sharing a secret efficiently amongst a group of participants is not easy since there is always an adversary / eavesdropper trying to retrieve the secret. In secret sharing schemes, every participant is given a unique share. When the desired group of participants come together and provide their shares, the secret is obtained. For other combinations of shares, a garbage value is returned. A threshold secret sharing scheme was proposed by Shamir and Blakley independently. In this (n,t) threshold secret sharing scheme, the secret can be obtained when at least t out of n participants contribute their shares. This paper proposes a novel algorithm to reveal the secret only to the subsets of participants belonging to the access structure. This scheme implements totally generalized ideal secret sharing. Unlike threshold secret sharing schemes, this scheme reveals the secret only to the authorized sets of participants, not any arbitrary set of users with cardinality more than or equal to t. Since any access structure can be realized with this scheme, this scheme can be exploited to implement various access priorities and access control mechanisms. A major advantage of this scheme over the existing ones is that the shares being distributed to the participants is totally independent of the secret being shared. Hence, no restrictions are imposed on the scheme and it finds a wider use in real world applications.

Cryptography and Security,Information Theory

肖清华,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973X.2004.11.004

2004-01-01

Abstract:A vector space secret sharing scheme against cheating was proposed for extending the normal threshold structure. In this scheme, the secret was encapsulated, and its commitment was publicized. Then everyone can verify the correctness of the distribution of secret shares, and any malicious dealer can be detected efficiently. In the process of secret recovery, each shareholder who pooled share was authenticated by means of the intractability of quadratic residue over finite field of large prime order, which prevented the adversaries from getting the secret or shares and the shareholders from cheating each other. Thus any unfaithful shareholders was traced and determined. Compared with the similar schemes, the proposed scheme not only has maximum information rate, but also has far lower computation and communication cost.

Rui Xu,Xu Wang,Kirill Morozov,Chi Cheng,Jintai Ding

DOI: https://doi.org/10.1016/j.ins.2021.12.053

IF: 8.1

2022-04-01

Information Sciences

Abstract:In a ( t , n ) threshold scheme any t or more shares can reconstruct the secret s, but less than t shares reveal no information about s. However, an unauthenticated adversary can pretend to be the shareholder at the reconstruction stage. If there were more than t honest shareholders, the unauthenticated adversary without valid share can obtain the secret. To deal with this type of attacks, a model of ( t , m , n ) group oriented secret sharing (GOSS) scheme was proposed by Miao et al. in 2015. Here the group oriented property means that if m > t parties try to reconstruct the secret, they should all have the authentic shares in advance. It was claimed by Miao et al. that the group oriented property in their GOSS schemes holds in the information-theoretic sense. In this paper, we revisit two instantiations of ( t , m , n ) group oriented secret sharing schemes and show that these constructions cannot provide the so-called “group oriented property”. Specifically, we develop concrete attacks which allow an unauthenticated adversary with no valid share to participate in the reconstruction phase and obtain the secret provided that there are at least t honest shares presented at the reconstruction phase.

computer science, information systems

Xingxing Jia,Yusheng Guo,Xiangyang Luo,Daoshun Wang,Chaoyang Zhang

DOI: https://doi.org/10.1016/j.ins.2022.02.016

IF: 8.1

2022-01-01

Information Sciences

Abstract:The secret sharing (SS) scheme has been widely used as the de facto paradigm for group key management in cryptography and distributed computation. An SS scheme for a general access structure (GSS) has drawn more and more attention since it allows flexible access control. However, previous solutions to GSS need to either assign multiple shares to each participant or to solve a complex nonlinear integer programming. In this paper, we propose a novel strategy to address the two problems simultaneously based on the Chinese Remainder Theorem (CRT) for a polynomial ring over a finite field. We classify general access structures satisfying the monotone property into the two families of maximum forbidden subsets and minimum qualified subsets conforming to the security condition and the revealing condition. The moduli used in the scheme are pairwise coprime polynomials and can take the irreducible polynomials. To find the degrees of these polynomials, we only need to solve an integer linear programming (ILP) by minimizing the sum of the degrees of all the moduli. The proposed scheme is inherently a weighted SS scheme and may have no solution which commonly exists in all GSS schemes. To ensure a solution, we put forth a preprocessing algorithm which separates the original access structure into several subaccess structures based on graph theory. The proposed scheme only assigns a share for each participant and achieves perfect security. It has good generalization and provides a universal approach to program the scheme construction for SS schemes with general access structures, threshold access structures and weighted access structures.

Jing Li,Licheng Wang,Jianhua Yan,Xinxin Niu,Yixian Yang

DOI: https://doi.org/10.3837/tiis.2014.12.018

2014-01-01

KSII Transactions on Internet and Information Systems

Abstract:A (n,t,n) secret sharing scheme is to share a secret among n group members, where each member also plays a role of a dealer, and any t shares can be used to recover the secret. In this paper, we propose a strong (k,t,n) verifiable multi-secret sharing scheme, where any k out of n participants operate as dealers. The scheme realizes both threshold structure and adversary structure simultaneously, and removes a trusted third party. The secret reconstruction phase is performed using an additive homomorphism for decreasing the storage cost. Meanwhile, the scheme achieves the pre-verification property in the sense that any participant doesn't need to reveal any information about real master shares in the verification phase. We compare our proposal with the previous (n,t,n) secret sharing schemes from the perspectives of what kinds of access structures they achieve, what kinds of functionalities they support and whether heavy storage cost for secret share is required. Then it shows that our scheme takes the following advantages: (a) realizing the adversary structure, (b) allowing any k out of n participants to operate as dealers, (c) small sized secret share. Moreover, our proposed scheme is a favorable candidate to be used in many applications, such as secure multi-party computation and privacy preserving data mining, etc.

Li, Fulin,Liu, Zhuo,Liu, Li

DOI: https://doi.org/10.1007/s11128-024-04269-1

IF: 1.965

2024-02-13

Quantum Information Processing

Abstract:Quantum secret sharing plays a crucial role in quantum cryptography. In this paper, we present a rational hierarchical (t,n) -threshold quantum secret sharing scheme based on Lagrange interpolation. In our scheme, participants possess rational and hierarchical properties, and the secret can be reconstructed when the number of rational participants satisfies the hierarchical (t,n) -threshold structure proposed in this paper. The reconstructed secret can encompass both classical information and quantum state information, enhancing the practicality and flexibility of our scheme compared to existing ones. Additionally, we redefine the utility of participants based on their roles in the secret recovery process. This newly defined utility allows for a more precise analysis of the correctness, fairness, and equilibrium of our scheme. Finally, our scheme not only resists a typical set of external attacks but also incorporates mechanisms to detect forgery and collusion among participants.

physics, multidisciplinary,quantum science & technology, mathematical

Xing Xing Jia,Yi Xuan Song,Dao Shun Wang,Da Xin Nie,Jin Zhao Wu

DOI: https://doi.org/10.3934/mbe.2019062

2019-01-01

Mathematical Biosciences and Engineering

Abstract:Secret sharing (SS) can be used as an important group key management technique for distributed cloud storage and cloud computing. In a traditional threshold SS scheme, a secret is shared among a number of participants and each participant receives one share. In many real-world applications, some participants are involved in multiple SS schemes with group collaboration supports thus have more privileges than the others. To address this issue, we could assign multiple shares to such participants. However, this is not a bandwidth efficient solution. Therefore, a more sophisticated mechanism is required. In this paper, we propose an efficient collaborative secret sharing (CSS) scheme specially tailored for multi-privilege participants in group collaboration. The CSS scheme between two or among more SS schemes is constructed by rearranging multi-privilege participants in each participant set and then formulated into several independent SS schemes with multi-privilege shares that precludes information leakage. Our scheme is based on the Chinese Remainder Theorem with lower recovery complexity and it allows each multi-privilege participant to keep only one share. It can be formally proved that our scheme achieves asymptotically perfect security. The experimental results demonstrate that it is efficient to achieve group collaboration, and it has computational advantages, compared with the existing works in the literature.

Qi Chen,Xiaojun Ren,Li Hu,Yongzhi Cao

DOI: https://doi.org/10.1016/j.ins.2023.119907

IF: 8.1

2024-01-01

Information Sciences

Abstract:Multipartite secret sharing schemes are those having a multipartite access structure, in which the set of participants is divided into several parts and all participants in the same part play an equivalent role. Secret sharing schemes for these access structures have gained attention, as they generalize threshold secret sharing. This work focuses on the construction of linear secret sharing schemes for ideal uniform multipartite access structures, while avoiding the inefficiencies and randomness of known constructions. To achieve this, we have developed two approaches. The first approach combines polymatroid-based techniques with Gabidulin codes, which efficiently realize a particular family of ideal uniform multipartite access structures. The efficiency of this method is derived from the unique properties of Gabidulin codes, which allow for polynomial share and secret sizes relative to the number of participants. Our second approach applies linear algebraic techniques and polymatroid-based techniques to explicitly design linear secret sharing schemes for arbitrary ideal uniform multipartite access structures. The efficiency of this method stems from the properties of polynomials over finite fields. The schemes from this method are efficient for smaller numbers of parts relative to the number of participants. In summary, we present explicit constructions of linear secret sharing schemes for ideal uniform multipartite access structures, which have important applications in cryptography.

Yi Sun,Qiaoyan Wen,Hongxiang Sun,Wenmin Li,Zhengping Jin,Hua Zhang

DOI: https://doi.org/10.1016/j.proeng.2011.12.731

2012-01-01

Procedia Engineering

Abstract:In traditional group key transfer protocol, the key generation center randomly selects a session key and then transports it that has been encrypted by another secret key. Afterwards, scholars construct authenticated key transfer protocols based on secret sharing instead of encryption algorithm. One typical protocol of this style is built by using the secret sharing scheme based on Language's interpolation polynomial. In this paper, we utilize an optimized secret sharing scheme instead of Language's interpolation polynomial. We provide mutual authentication to ensure that only the authorized group members can recover the right session key. What's more, all participants only need to store one secret share for all sessions. Besides, the change of the group members has no effect on the validity of the existing shares, which means the existing shares possess the excellent characteristic “one time assign, many times apply”.

Zihang Yin,Cheng Chi,Jiale Song,Faguo Wu

DOI: https://doi.org/10.1109/CSCloud62866.2024.00035

2024-06-28

Abstract:Traditional threshold secret sharing scheme provides a mechanism to prevent the over-concentration of secrets while allowing for flexibility through the distribution and reconstruction of sub-secrets. However, this approach often simplifies participant behavior into categories of complete honesty or continuous deceit, neglecting the nuances of rational decision-making. To address this limitation, the rational secret sharing scheme merges threshold secret sharing with game theory, where each participant is considered rational and acts solely in self-interest. Nonetheless, existing schemes encounter challenges such as the prisoner's dilemma and the inability to reconstruct secrets due to the prioritization of individual interests. To mitigate these issues, our proposed scheme integrates a reward and punishment mechanism that balances short-term gains with long-term incentives, effectively deterring malicious behavior among participants. Moreover, traditional solutions based on elliptic curves and bilinear pairs lack resilience against quantum attacks. In response, our solution incorporates lattice-based cryptography to enhance security in the face of quantum threats. Additionally, we introduce an attribute access control tree to empower secret dealers in selecting suitable participants based on attribute restrictions, ensuring a more flexible, convenient, and secure rational secret sharing plan. This comprehensive approach improves participant selection and strengthens security measures in secret sharing scenarios.

Computer Science,Physics

Jing Yang,Fang-Wei Fu

DOI: https://doi.org/10.48550/arXiv.2202.09026

2022-02-18

Abstract:Secret sharing was firstly proposed in 1979 by Shamir and Blakley respectively. To avoid deficiencies of original schemes, researchers presented improvement schemes, among which the multi-secret sharing scheme (MSS) is significant. There are three categories of MSSs, however, we focus on multi-stage secret sharing scheme (MSSS) recovering secrets with any order in this work. By observing inhomogeneous linear recursions (ILRs) in the literature, we conclude a general formula and divide ILRs into two types according to different variables in them. Utilizing these two kinds of ILRs, we propose four verifiable MSSSs with Ajtai's function, which is a lattice-based function. Our schemes have the following advantages. Firstly, our schemes can detect cheat of the dealer and participants, and are multi-use. Secondly, we have several ways to restore secrets. Thirdly, we can turn our schemes into other types of MSSs due to the universality of our method. Fourthly, since we utilize a lattice-based function to mask shares, our schemes can resist the attack from the quantum computer with computational security. Finally, although our schemes need more memory consumption than some known schemes, we need much less time consumption, which makes our schemes more suitable facing limited computing power.

Cryptography and Security

Xingxing Jia,Daoshun Wang,Daxin Nie,Xiangyang Luo,Jonathan Zheng Sun

DOI: https://doi.org/10.1016/j.ins.2018.09.024

IF: 8.1

2019-01-01

Information Sciences

Abstract:A general (t, n) secret sharing (SS) scheme with fixed threshold allows a secret to be shared without considering the time dynamic nature of the security environment. In this paper, we propose a threshold changeable secret sharing scheme whose threshold can be changed in an integer interval [t, t′] without updating the shares. In this scheme, a different threshold can be activated at any time through the public broadcast channel. At the heart of the proposed scheme is a novel matrix of primes. The validity of the share generation and secret reconstruction is provided by the Chinese Remainder Theorem (CRT). We prove the existence of the proposed matrix and present a method to efficiently construct it, which makes use of a proposed sequence of nested closed intervals generated by large co-prime numbers. We further use the structure to propose a scheme with computational security, without maintaining online dealer. Compared with previous methods, the proposed scheme has short share size and low complexity for recovery. For any changeable threshold in [t, t′], the increase in share size is at most 1t−1 of that from previous methods. Computational complexity for secret recovery is O(t), compared with O(tlog2t) of the best previous methods.

Fabian Schillinger,Christian Schindelhauer

DOI: https://doi.org/10.48550/arXiv.1909.05243

2020-10-08

Abstract:Secret sharing is the well-known problem of splitting a secret into multiple shares, which are distributed to shareholders. When enough or the correct combination of shareholders work together the secret can be restored. We introduce two new types of shares to the secret sharing scheme of Shamir. Crucial shares are always needed for the reconstruction of the secret, whereas mutual redundant shares only help once in reconstructing the secret. Further, we extend the idea of crucial and redundant shares to a compartmented secret sharing scheme. The scheme, which is based on Shamir's, allows distributing the secret to different compartments, that hold shareholders themselves. In each compartment, another secret sharing scheme can be applied. Using the modifications the overall complexity of general access structures realized through compartmented secret sharing schemes can be reduced. This improves the computational complexity. Also, the number of shares can be reduced and some complex access structures can be realized with ideal amount and size of shares.

Cryptography and Security

Shu-Yu Kuo,Kuo-Chun Tseng,Chia-Ching Yang,Yao-Hsin Chou,Chia-Ching Yang and Yao-Hsin Chou

DOI: https://doi.org/10.1140/epjqt/s40507-023-00186-x

IF: 6.9997

2023-08-02

EPJ Quantum Technology

Abstract:Quantum secret sharing (QSS) is a significant branch of quantum cryptography and can be widely used in various applications. Quantum secret sharing schemes can be developed by utilizing different features of quantum mechanics, and quantum secure direct communication (QSDC) is an effective way to achieve secret sharing using single qubits. The utilization of QSDC offers certain benefits, such as low cost, high security, and great potential for implementation with current technologies. However, the purpose of QSDC is different from that of QSS, which causes some vulnerabilities, such as dishonest participant attacks. We discover two critical factors that affect the security of traditional protocols. Firstly, they skip a few steps from the QSDC protocol to the QSS protocol. Secondly, the participants have different privileges. This can lead to participants with more privileges engaging in potential attack behavior. In light of these issues, this study proposes a new multiparty QSS scheme to address these vulnerabilities. The proposed protocol ensures the independence of each participant and grants them equal privileges. Analysis results demonstrate that it can defend against malicious attackers, retain the advantages of the QSDC protocol, and further reduce transmission costs. It achieves an excellent balance between security and performance.

optics,physics, atomic, molecular & chemical,quantum science & technology

Zhenhua Chen,Shundong Li,Youwen Zhu,Jianhua Yan,Xinli Xu

DOI: https://doi.org/10.1002/sec.1283

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:There are many researches on the polynomial-based verifiable (k, n) multi-secret sharing scheme (VMSSS), but none of them focuses on the Chinese remainder theorem (CRT)-based VMSSS so far. For the first time, we provide a cheater identifiable multi-secret sharing scheme based on CRT as an alternative method for VMSSS, which is unconditionally secure when the number of cheaters t <= (k - 1)/3. We adopt an encoding method, which makes multiple secrets to be transferred as a single one. In addition, we utilize a single keyed message authenticated code (MAC) to detect and identify cheaters in the reconstruction phase. Then, combine these two methods with a CRT-based Asmuth-Bloom's SSS to achieve our design goals. In our scheme, all participants share a single key of MAC rather than each participant possesses an independent key to check the validity of shares, and the size of share is independent in any of n, k, and t. Analyses show that our scheme is more efficient and secure than existing ones. Finally, as an example of the practical impact of our work, we present how our techniques can be applied to secure sum computation. Copyright (C) 2015 John Wiley & Sons, Ltd.

Jiangtao Yuan,Jing Yang,Chenyu Wang,Xingxing Jia,Fang-Wei Fu,Guoai Xu

DOI: https://doi.org/10.1016/j.ins.2022.01.053

IF: 8.1

2022-05-01

Information Sciences

Abstract:Hierarchical secret sharing is an important key management technique since it is specially customized for hierarchical organizations with different departments allocated with different privileges, such as the government agencies or companies. Hierarchical access structures have been widely adopted in secret sharing schemes, where efficiency is the primary consideration for various applications. How to design an efficient hierarchical secret sharing scheme is an important issue. A famous hierarchical secret sharing (HSS) scheme was proposed by Tassa based on Birkhoff interpolation. Later, based on the same method, many other HSS schemes were proposed. However, these schemes all depend on Polya’s condition, which is a necessary condition, not a sufficient condition. It cannot guarantee that Tassa’s HSS scheme always exists. Furthermore, this condition needs to check the non-singularity of many matrices. We propose a hierarchical multi-secret sharing scheme based on the linear homogeneous recurrence (LHR) relations and the one-way function. In our scheme, we select m linearly independent homogeneous recurrence relations. The participants in the highly-ranked subsets γ 1 , γ 2 , ⋯ , γ j - 1 join in the jth subset to construct the jth LHR relation. In addition, the proposed hierarchical multi-secret sharing scheme just requires one share for each participant. Besides, our scheme is both perfect and ideal. Furthermore, our scheme avoids many checks of the non-singularity of many matrices in the presented hierarchical secret sharing schemes. Although we need to publish more public values, our scheme reduces the computational complexity of the hierarchical secret sharing schemes from exponential time to polynomial time, i.e., O ( n k m - 1 log n ) , which is relatively more efficient than schemes in the literature.

computer science, information systems

V P Binu,A Sreekumar

DOI: https://doi.org/10.48550/arXiv.1406.5596

2014-06-21

Abstract:Secret sharing schemes are widely used now a days in various applications, which need more security, trust and reliability. In secret sharing scheme, the secret is divided among the participants and only authorized set of participants can recover the secret by combining their shares. The authorized set of participants are called access structure of the scheme. In Multi-Secret Sharing Scheme (MSSS), k different secrets are distributed among the participants, each one according to an access structure. Multi-secret sharing schemes have been studied extensively by the cryptographic community. Number of schemes are proposed for the threshold multi-secret sharing and multi-secret sharing according to generalized access structure with various features. In this survey we explore the important constructions of multi-secret sharing for the generalized access structure with their merits and demerits. The features like whether shares can be reused, participants can be enrolled or dis-enrolled efficiently, whether shares have to modified in the renewal phase etc., are considered for the evaluation.

Cryptography and Security

Chi Sing Chum,Xiaowen Zhang

DOI: https://doi.org/10.48550/arXiv.1111.1278

2011-11-05

Abstract:Secret sharing schemes create an effective method to safeguard a secret by dividing it among several participants. By using hash functions and the herding hashes technique, we first set up a (t+1, n) threshold scheme which is perfect and ideal, and then extend it to schemes for any general access structure. The schemes can be further set up as proactive or verifiable if necessary. The setup and recovery of the secret is efficient due to the fast calculation of the hash function. The proposed scheme is flexible because of the use of existing hash functions.

Cryptography and Security

Hung-Min Sun

DOI: https://doi.org/10.1142/s0129054100000168

2000-01-01

International Journal of Foundations of Computer Science

Abstract:A secret sharing scheme is a method which allows a dealer to share a secret among a set of participants in such a way that only qualified subsets of participants can recover the secret. The collection of subsets of participants that can reconstruct the secret in this way is called access structure. The rank of an access structure is the maximum cardinality of a minimal qualified subset. A secret sharing scheme is perfect if unqualified subsets of participants obtain no information regarding the secret. The dealer's randomness is the number of random bits required by the dealer to setup a secret sharing scheme. The efficiency of the dealer's randomness is the ratio between the amount of the dealer's randomness and the length of the secret. Because random bits are a natural computational resource, it is important to reduce the amount of randomness used by the dealer to setup a secret sharing scheme. In this paper, we propose some decomposition constructions for perfect secret sharing schemes with access structures of constant rank. Compared with the best previous results, our constructions have some improved upper bounds on the dealer's randomness and on the efficiency of the dealer's randomness.