Showing papers on "Secret sharing published in 1989"

Secret sharing scheme realizing general access structure

Abstract: As a method of sharing a secret, e.g., a secret key, Shamir's (k, n) threshold method is well known. However, Shamir's method has a problem in that general access structures cannot be realized. This paper shows that by providing the trustees with several information data concerning the distributed information of the (k, n) threshold method, any access structure can be realized. the update with the change of the secret trustees and the relation to the threshold graph are also discussed.

Verifiable Secret Sharing and Multiparty Protocols with Honest Majority (Extended Abstract)

Abstract: Under the assumption that each participant can broadcast a message to all other participants and that each pair of participants can communicate secretly, we present a verifiable secret sharing protocol, and show that any multiparty protocol, or game with incomplete information, can be achieved if a majority of the players are honest. The secrecy achieved is unconditional and does not rely on any assumption about computational intractability. Applications of these results to Byzantine Agreement are also presented. Underlying our results is a new tool of Information Checking which provides authentication without cryptographic assumptions and may have wide applications elsewhere.

On the classification of ideal secret sharing schemes (extended abstract)

Abstract: In a secret sharing scheme, a dealer has a secret key. There is a finite set P of participants and a set ? of subsets of P. A secret sharing scheme with ? as the access structure is a method which the dealer can use to distribute shares to each participant so that a subset of participants can determine the key if and only if that subset is in ?. The share of a participant is the information sent by the dealer in private to the participant. A secret sharing scheme is ideal if any subset of participants who can use their shares to determine any information about the key can in fact actually determine the key, and if the set of possible shares is the same as the set of possible keys. In this paper, we show a relationship between ideal secret sharing schemes and matroids.

Multiparty Protocols Tolerating Half Faulty Processors

Abstract: We show that a complete broadcast network of n processors can evaluate any function f(x1,..., xn) at private inputs supplied by each processor, revealing no information other than the result of the function, while tolerating up to t maliciously faulty parties for 2t < n. This improves the previous bound of 3t < n on the tolerable number of faults [BG W88, CCD88]. We demonstrate a resilient method to multiply secretly shared values without using unproven cryptographic assumptions. The crux of our method is a new, non-cryptographic zero-knowledge technique which extends verifiable secret sharing to allow proofs based on secretly shared values. Under this method, a single party can secretly share values v1,...vm along with another secret w = P(v1,...,vm), where P is any polynomial size circuit; and she can prove to all other parties that w = P(v1,..., vm), without revealing w or any other information. Our protocols allow an exponentially small chance of error, but are provably optimal in their resilience against Byzantine faults. Furthermore, our solutions use operations over exponentially large fields, greatly reducing the amount of interaction necessary for computing natural functions.

Securely replicating authentication services

Abstract: A framework for designing a type of distributed authentication protocol is given, whose security and availability are higher compared to those of centralized ones. It uses the technique of secret sharing and introduces a cross checksum scheme to achieve secure replication. Fewer than a certain number of malicious servers cannot damage security except by causing denial of service, and this only happens when too many honest servers accidentally fail at the same time. The protocol is suited to an environment where no trustworthiness of any server is permanently guaranteed. The approach is general enough not to rely on any particular authentication protocol. Existing implementations need minor modification. Only a short piece of code is needed to run the implementations as many times as required. Hence, different centralized protocols can be incorporated into one distributed protocol. >

Coding theorem for secret sharing communication systems with two noisy channels

Abstract: The coding theorem is proved for the system with two noisy channels, each of which is a broadcast channel. It is assumed that the legitimate channel is less noisy than the wiretapped channel. The admissible region of rates and security levels is obtained completely. The relationship of the present results to previous results is examined. >

An Optimal Probabilistic Algorithm For Synchronous Byzantine Agreement

Abstract: The problem of Byzantine agreement (BA) was introduced by Pease, Shostak and Lamport [Pease, Shostak and Lamport 1980]. It may be the most important problem in distributed computation among fallible processors. Processor faults may range from simple mistakes to total breakdown to skillful adversarial intent. Trying to maintain a common view of the world is difficult when one does not know whom to trust. BA is a key step in this direction: it enables all good processors (those that follow the protocol) to coordinate themselves. Consider a situation in which each processor holds an initial value. Informally, for any set of initial values, BA should give us the following properties:

On the Classification of Ideal Secret Sharing Schemes

Abstract: In a secret sharing scheme, a dealer has a secret key. There is a finite set P of participants and a set Γ of subsets of P. A secret sharing scheme with Γ as the access structure is a method which the dealer can use to distribute shares to each participant so that a subset of participants can determine the key if and only if that subset is in Γ. The share of a participant is the information sent by the dealer in private to the participant. A secret sharing scheme is ideal if any subset of participants who can use their shares to determine any information about the key can in fact actually determine the key, and if the set of possible shares is the same as the set of possible keys. In this paper, we show a relationship between ideal secret sharing schemes and matroids.

Secret Sharing Over Infinite Domains

Abstract: A (k, n) secret sharing scheme is a probabilistic mapping of a secret to n shares, such that The secret can be reconstructed from any k shares. No subset of k − 1 shares reveals any partial information about the secret.

Secret sharing over infinite domains (extended abstract)

Abstract: A (k, n) secret sharing scheme is a probabilistic mapping of a secret to n shares, such that ? The secret can be reconstructed from any k shares. ? No subset of k - 1 shares reveals any partial information about the secret.Various secret sharing schemes have been proposed, and applications in diverse contexts were found. In all these cases, the set of secrets and the set of shares are finite.In this paper we study the possibility of secret sharing schemes over infinite domains. The major case of interest is when the secrets and the shares are taken from a countable set, for example all binary strings. We show that no (k, n) secret sharing scheme over any countable domain exists (for any 2 < k < n).One consequence of this impossibility result is that no perfect private-key encryption schemes, over the set of all strings, exist. Stated informally, this means that there is no way to perfectly encrypt all strings without revealing information about their length.We contrast these results with the case where both the secrets and the shares are real numbers. Simple secret sharing schemes (and perfect private-key encryption schemes) are presented. Thus, infinity alone does not rule out the possibility of secret sharing.

On the Classification of Idea Secret Sharing Schemes

Abstract: In a secret sharing scheme, a dealer has a secret key. There is a finite set P of participants and a set Γ of subsets of P. A secret sharing scheme with Γ as the access structure is a method which the dealer can use to distribute shares to each participant so that a subset of participants can determine the key if and only if that subset is in Γ. The share of a participant is the information sent by the dealer in private to the participant. A secret sharing scheme is ideal if any subset of participants who can use their shares to determine any information about the key can in fact actually determine the key, and if the set of possible shares is the same as the set of possible keys. In this paper, we show a relationship between ideal secret sharing schemes and matroids.