YongZhong He,XueJiao Xu,DaoShun Wang,ShunDong Li,XiangHui Zhao,ChingNung Yang

DOI: https://doi.org/10.1007/978-3-030-16946-6_52

2020-01-01

Abstract:There are many schemes to detect and identify cheaters when the number of participants is exactly equal to t in secret sharing schemes. However, most of them need dealers or redundant information to detect the dishonest participants when participants are greater than threshold t. Harn et al. proposed a dynamic threshold secret reconstruction scheme, which the threshold can be improved to k during reconstruction. Less than k - 1 participants cannot recover the shared secret. Their scheme uses the symmetric polynomial to resist the external adversary. However, each participant needs to hold a polynomial. Thus, the complexity of storage of the scheme is high. Furthermore, the scheme cannot detect and identify the cheaters who present falsified information during secret reconstruction. In this paper, we propose a secret sharing scheme with dynamic threshold k that can identify up to k - 1 dishonest participants who have no legal share information. The scheme does not need the help of the dealer to detect cheaters. The dealer uses the traditional polynomial to distribute a secret to each participant. In the secret reconstruction phase, the share information of each participant is transformed and then presents to other participants who verify it using the public key of the sender. If the presented information is falsified, it will fail the verification and the related participant is identified as a cheater. Otherwise, the secret can be correctly reconstructed. Meanwhile, our scheme ensures that the external adversary who eavesdrops the reconstruction messages cannot recover the secret. The trade-off is that our scheme has additional computation overhead.

肖清华,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973X.2004.11.004

2004-01-01

Abstract:A vector space secret sharing scheme against cheating was proposed for extending the normal threshold structure. In this scheme, the secret was encapsulated, and its commitment was publicized. Then everyone can verify the correctness of the distribution of secret shares, and any malicious dealer can be detected efficiently. In the process of secret recovery, each shareholder who pooled share was authenticated by means of the intractability of quadratic residue over finite field of large prime order, which prevented the adversaries from getting the secret or shares and the shareholders from cheating each other. Thus any unfaithful shareholders was traced and determined. Compared with the similar schemes, the proposed scheme not only has maximum information rate, but also has far lower computation and communication cost.

Dong-ping HUANG,Duo LIU,Dao-shun WANG,Yi-qi DAI

DOI: https://doi.org/10.3321/j.issn:0372-2112.2006.11.001

2006-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:A verifiable threshold multi-secret sharing scheme is proposed in this paper. As the secret can be recovered with the shadows provided by participants and it is computationally difficult to get the sub-keys from the shadows, the sub-keys can be reused to share the multi-secret in this scheme. By verifying the information published by the dealer as well as the shadows of sub-keys provided by participants, this scheme can prevent both dealer and participant from cheating. The security of this scheme is the same as that of RSA cryptosystem and Shamir's (k, n)-threshold scheme. Two kinds of cheating methods against threshold multi-secret sharing scheme are also proposed, which can threaten the security of previous schemes more or less. But the scheme proposed in this paper provides efficient solutions against these cheatings and achieves the same computational security with a better performance compared with the previous schemes.

Shi Runhua,Huang Liusheng,Luo yonglong,Zhong Hong

DOI: https://doi.org/10.1109/icnsc.2008.4525497

2008-01-01

Abstract:This paper proposes a threshold multi-secret sharing scheme. In such a scheme, many secrets are shared in such a way that all secrets can be reconstructed independently without refreshing the shares. Every share is of the same size as that of any single shared secret in the proposed scheme. The number of public values in the proposed scheme is same as that of He and Dawson's scheme, which has been proved that it is only one-time-use scheme, but the proposed scheme is a multi-use scheme really, what is more important, it is more efficient since there will be t i secrets to be shared and reconstructed at the same time according to each (t i , n)-threshold access structure. That is, there are more secrets to be shared and reconstructed in the proposed scheme.

Dongping HUANG,Huayong WANG,Liansheng HUANG,Yiqi DAI

DOI: https://doi.org/10.3321/j.issn:1000-0054.2006.01.027

2006-01-01

Abstract:Known threshold secret sharing schemes have limited flexibility when dealing with the dynamic joining and leaving of the participants. A threshold secret sharing scheme was developed and a utility method to solve the Lagrange interpolation was proposed. The scheme allows the participants to join or leave dynamically, without re-distributing the sub-secrets, which is easier to implement. As the sub-secrets are kept secretly by the participants and it is the shadows of the sub-secrets that is published, the sub-secrets can be re-utilized. The scheme requires less computing time than threshold secret sharing with direct general access structure secret sharing.

Keju Meng,Fuyou Miao,Wenchao Huang,Yan Xiong

DOI: https://doi.org/10.1016/j.ipl.2020.105928

IF: 0.851

2020-01-01

Information Processing Letters

Abstract:(t, n) threshold secret sharing (SS) is an important cryptographic primitive in which a secret is divided into n shares, and then any t or more shareholders can exchange shares to reconstruct the secret without help of any trusted third party. However, if an illegal participant, without any valid share, impersonates a shareholder to recover the secret with m (m >= t) legal shareholders in a traditional (t, n) threshold SS scheme, it may obtain the secret. Therefore, this paper utilizes a bivariate symmetry polynomial to propose a basic threshold changeable secret sharing (TCSS) scheme which is cheating immune and thwarts the above illegal participant attack. In the basic TCSS scheme, threshold is allowed to increase from t to the exact number of all participants during secret reconstruction. In this way, the secret can be recovered only if all the participants have valid shares. However, each shareholder has to keep t coefficients of its share. Then, an improved TCSS scheme based on both univariate polynomial and bivariate symmetry polynomial is proposed to reduce coefficients of shares for each shareholder. (C) 2020 Elsevier B.V. All rights reserved.

GE Li-na,TANG Shao-hua

2009-01-01

Computer Science

Abstract:A dynamic threshold secret sharing scheme based on circle properties was proposed.A two-variable one-way hash function and a notice board were introduced.A participant computes his shadow information by using both the public information and his pseudo-shadow.The pseudo-shadow of each participant always keeps the same even if a participant leaves/joins,or the value of t changes dynamically.Further more,the participants can share next secret by the same pseudo-shadow.Compared with a geometric approach for sharing secrets proposed by WU & HE,not only the participants can join/leave the system dynamically,but also the value of the threshold of t is easy to change in the proposed scheme.The proposed scheme is simple,and fast.The experimental results show that our scheme is more efficient than the Shamir's scheme.It is proven secure.

Dongping HUANG,Duo LIU,Yiqi DAI

DOI: https://doi.org/10.3321/j.issn:1000-0054.2007.04.036

2007-01-01

Abstract:A verifiable multi-level threshold multi-secret sharing scheme based on the intractability of the discrete logarithm and integer factorization was developed to eliminate limitations of previous threshold schemes that secrets can only be shared in the same level threshold. The secrets are shared with a polynomial which degenerates to a lower order polynomial for different thresholds. Compared with previous schemes, this scheme simultaneously maintains multi-level thresholds and multiple secrets for the same threshold level. The recovery of any shared secret on any threshold level will not leak any other un-recovered secret. The system is easily managed and uses sub-secret because only one sub-secret need be kept for each participant.

Xingxing Jia,Daoshun Wang,Daxin Nie,Xiangyang Luo,Jonathan Zheng Sun

DOI: https://doi.org/10.1016/j.ins.2018.09.024

IF: 8.1

2019-01-01

Information Sciences

Abstract:A general (t, n) secret sharing (SS) scheme with fixed threshold allows a secret to be shared without considering the time dynamic nature of the security environment. In this paper, we propose a threshold changeable secret sharing scheme whose threshold can be changed in an integer interval [t, t′] without updating the shares. In this scheme, a different threshold can be activated at any time through the public broadcast channel. At the heart of the proposed scheme is a novel matrix of primes. The validity of the share generation and secret reconstruction is provided by the Chinese Remainder Theorem (CRT). We prove the existence of the proposed matrix and present a method to efficiently construct it, which makes use of a proposed sequence of nested closed intervals generated by large co-prime numbers. We further use the structure to propose a scheme with computational security, without maintaining online dealer. Compared with previous methods, the proposed scheme has short share size and low complexity for recovery. For any changeable threshold in [t, t′], the increase in share size is at most 1t−1 of that from previous methods. Computational complexity for secret recovery is O(t), compared with O(tlog2t) of the best previous methods.

LI Xiong,LI Zhi-hui

DOI: https://doi.org/10.3778/j.issn.1002-8331.2008.27.032

2008-01-01

Abstract:A dynamic cheat-proof multi-group-secret sharing scheme based on the discrete logarithm and lagrange interpolation formula is proposed.In the proposed scheme,m groups of secrets being shared among n participants,each group of secrets has a different threshold access structure and includes a distinct number of secrets.Each participant selects her/his shadow by her/himself and the dealer don't know the shadow of any participant,so there is not need a security channel.Each participant is able to check whether another participant provides the valid information or not in the recovery phase.Each participant holds only one shadow while sharing many groups' secrets with other participants.The security of the proposed scheme can be guaranteed due to the difficulty in solving the discrete logarithm problem.

HM SUN,SP SHIEH

DOI: https://doi.org/10.1049/el:19941411

1994-01-01

Electronics Letters

Abstract:An (m, n) threshold scheme is to decompose a shared secret into n shares in such a way that the shared secret cannot be reclaimed unless any m shares are collected. A new dynamic threshold scheme that allows the shared secret to be updated without changing the shares is proposed.<>

Jiandong Wang

2011-01-01

Computer Engineering and Applications Journal

Abstract:In order to solve the secure distribution problems in the existing secret sharing scheme under different access right,based on the ID-based public key cryptography technology,a new secret sharing scheme under different access right is proposed,which adopts two polynomials,and then a generalized scheme is given.In the scheme,each participant's share is selected by the participant himself and secret dealer separately;the shares can be repeatedly used for the reconstruction of multiple secrets.The cheating between participants can be detected by verifying every participant's identity and share.Analysis shows the proposed scheme is secure.Furthermore,its efficiency is also better than others.

刘焕平,胡铭曾,方滨兴,杨义先

DOI: https://doi.org/10.3321/j.issn:1000-436x.2004.05.005

2002-01-01

Journal of Software

Abstract:A dynamic (t,n)-threshold secret sharing scheme based on one-way function is proposed in this paper. It has the following properties: (1) The dealer can renew system secrets without renewing the shadows of the participants; (2) When some participants?shadows are revealed, they can be renewed without any effect on the others; (3) A new shadow can be generated for a new participant without any effect on the others; (4) The shadows can be reused for many times; (5) Only n+1 parameters should be public (When a cheater could be checked out, it should be opened 2n+1 parameters.); (6) The system secret can be recovered with a parallel process.

Keju Meng,Fuyou Miao,Wenchao Huang,Yan Xiong

DOI: https://doi.org/10.1016/j.dam.2019.05.011

IF: 1.254

2019-01-01

Discrete Applied Mathematics

Abstract:(t,n)-Threshold secret sharing ((t,n)-SS) scheme is a fundamental cryptographic primitive. As a special (t,n)-SS, a Multi-Level threshold Secret Sharing scheme (MLSS) divides shares into different levels. Shares at higher levels can be used at lower ones but shares of lower levels are invalid at higher ones. However, MLSS is limited in applications and vulnerable to Illegal Participant (IP) attack and t-Share Capture (SC) attack. Therefore, the paper first extends the notion of MLSS to multi-group threshold secret sharing (MGSS) to accommodate wider application scenarios. In order to cope with the 2 attacks, the paper then proposes a tightly coupled MGSS scheme based on Chinese Remainder Theorem. In the scheme, a shareholder, with only one private share, is allowed to participate in secret reconstruction of different groups. Moreover, when sufficient shareholders collaborate to recover the secret in a group, they first form a tightly coupled subgroup by constructing a randomized component each so that the secret can be recovered only if each participant has valid share and actually participates in secret reconstruction. Analyses show that the proposed scheme is capable of thwarting IP and SC attacks. Besides, the scheme is more flexible and popular in applications compared with MLSS scheme.

SHI Run-hua,ZHONG hong,HUANG Liu-sheng

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2008.01.007

2008-01-01

Abstract:This paper presents a non-interactive PVSS scheme. In this scheme, it evolves all participants' shares from the sharing secret based on the natural evolution thought, and ensures that any party can verify the correctness of the shares using the method of knowledge signature; In turn, any k shares after verified their validness can restructure the secret based on the theory of solving the linear equations. It is information-theoretic secure. It is more efficient to be extended and renewed.

张险峰,秦志光

2004-01-01

Journal of Computer Applications

Abstract:Threshold secret sharing is the foundation of implementing threshold cryptosystem. This paper introduces and analyzes existing threshold secret sharing. The theoretical background of secret sharing is described. Based on the introduction, a recursive-algorithm based secret sharing scheme is proposed. Then the performance analysis of the scheme is conducted. It shows that this scheme is characterized by excellent security as well as high efficiency.

Runhua Shi,Hong Zhong,Liusheng Huang

DOI: https://doi.org/10.1109/snpd.2007.416

2007-01-01

Abstract:In this article, we propose a (t,n) threshold verifiable multi-secret sharing scheme, in which to reconstruct t secrets needs to solve t simultaneous equations. The analysis results show that our scheme is as easy as Yang's scheme [8] in the secret reconstruction and requires less public values than Chien's [7] and Yang's schemes. Furthermore, the shares in our scheme can be verified their validity with t public values based on ECDLP, and there are two verified forms: one is computationally secure as Feldman's scheme [12] and other is unconditionally secure as Pedersen's scheme [13]. In addition, for the main computation: a(i,1) P-1 + a(i,2) P-2 +... + a(i,)t P-t in our scheme, we present a new method based on the signed factorial expansion and implement it, the results show that it is more efficient than the current public methods. Thus our scheme is a secure and efficient (t,n) threshold verified multi-secret sharing scheme.

Zhenhua Chen,Shundong Li,Youwen Zhu,Jianhua Yan,Xinli Xu

DOI: https://doi.org/10.1002/sec.1283

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:There are many researches on the polynomial-based verifiable (k, n) multi-secret sharing scheme (VMSSS), but none of them focuses on the Chinese remainder theorem (CRT)-based VMSSS so far. For the first time, we provide a cheater identifiable multi-secret sharing scheme based on CRT as an alternative method for VMSSS, which is unconditionally secure when the number of cheaters t <= (k - 1)/3. We adopt an encoding method, which makes multiple secrets to be transferred as a single one. In addition, we utilize a single keyed message authenticated code (MAC) to detect and identify cheaters in the reconstruction phase. Then, combine these two methods with a CRT-based Asmuth-Bloom's SSS to achieve our design goals. In our scheme, all participants share a single key of MAC rather than each participant possesses an independent key to check the validity of shares, and the size of share is independent in any of n, k, and t. Analyses show that our scheme is more efficient and secure than existing ones. Finally, as an example of the practical impact of our work, we present how our techniques can be applied to secure sum computation. Copyright (C) 2015 John Wiley & Sons, Ltd.

Lei Zhu,Yanxiao Liu,Yichuan Wang,Wenjiang Ji,Xinhong Hei,Quanzhu Yao,Xiaoyan Zhu

DOI: https://doi.org/10.1109/NaNA.2017.62

2017-01-01

Abstract:In 1989, Tompa and Woll first introduced a cheating problem in Shamir's (k, n) secret sharing scheme, such that malicious shareholders (cheaters) aim to cheat honest shareholders by pooling forged shares during secret reconstruction. They succeed if honest shareholders accept a forged secret. In this cheating, even a single cheater can deceive other k - 1 honest shareholders with high probability. In this paper, we consider a situation that there are k --2 or less cheaters in secret reconstruction, and propose a (k, n) secret sharing scheme secure against such cheating. Our scheme is efficient respect to the size of shares. Furthermore, our scheme is secure regardless of the probability distribution of the secret.

V P Binu,A Sreekumar

DOI: https://doi.org/10.48550/arXiv.1603.09524

2016-03-31

Cryptography and Security

Abstract:Secret Sharing techniques are now the building blocks of several security protocols. A (t;n) threshold secret sharing scheme is one in which t or more participant can join together to retrieve the secret.Traditional single secret sharing schemes are modified and generalized to share multiple secrets.Use of elliptic curve and pairing in secret sharing is gaining more importance.In this paper we propose a threshold multi secret sharing scheme where more than one secret is shared.When the threshold number of participants collate, the multi secret can be retrieved. The scheme make use of elliptic curve and bilinear pairing.Verification of shares by the participants, shares consistency checking, detection and identification of cheaters are the extended capabilities achieved.The shared secrets are retrieved in single stage here, unlike the multi stage secret sharing scheme.The participants can be added very easily.The scheme is efficient and the number of public parameters are also less compared with the existing threshold multi secret sharing scheme based on the elliptic curve.The dealer can easily modify the secret or add additional secret by changing the public parameters of the scheme.This is the first proposal of a threshold multi secret sharing scheme with extended capabilities using self pairing.