Showing papers on "Secret sharing" published in 2017


Journal ArticleDOI
TL;DR: The Salient map is introduced to develop a new method in which the ROIs (regions of interest) of the secret image can be revealed progressively, and to the best of the authors' knowledge, this is the first SSIS that employs a meaningful shadow.
Abstract: Scalable secret image sharing (SSIS) is a new secret image sharing technique. The feature of scalability refers to the fact that the revealed secret information is proportional to the number of gathered shadows. Once all of the valid shadows are collected, the complete secret can be revealed easily. The kernel of secret information, however, may be leaked out with a few shadows collected in the existing SSIS mechanisms. This is because researchers have seldom been concerned about secret distribution. Thus, we introduce the Salient map to develop a new method, in which the ROIs (regions of interest) of the secret image can be revealed progressively. Additionally, we introduce the concepts of meaningful shadow and verification to SSIS. To the best of our knowledge, this is the first SSIS that employs a meaningful shadow. The leading adoption can greatly help reduce the attention of attackers in order to enhance the security, while the second concept can avoid malicious behaviors from outside attackers or dishonest members.

331 citations


Journal ArticleDOI
TL;DR: An efficient and secure data acquisition scheme based on ciphertext policy attribute-based encryption that can fulfill the security requirements of the Cloud-IoT in smart grid and effectively reduce the time cost compared with other popular approaches.
Abstract: Cloud-supported Internet of Things (Cloud-IoT) has been broadly deployed in smart grid systems. The IoT front-ends are responsible for data acquisition and status supervision, while the substantial amount of data is stored and managed in the cloud server. Achieving data security and system efficiency in the data acquisition and transmission process is of great significance and challenging, because the power grid-related data is sensitive and in huge amounts. In this paper, we present an efficient and secure data acquisition scheme based on ciphertext policy attribute-based encryption. Data acquired from the terminals will be partitioned into blocks and encrypted with its corresponding access subtree in sequence, so that the data encryption and data transmission can be processed in parallel. Furthermore, we protect the information about the access tree with a threshold secret sharing method, which can preserve the data privacy and integrity from users with unauthorized sets of attributes. The formal analysis demonstrates that the proposed scheme can fulfill the security requirements of the Cloud-IoT in smart grid. The numerical analysis and experimental results indicate that our scheme can effectively reduce the time cost compared with other popular approaches.

214 citations


Journal ArticleDOI
TL;DR: This paper considers the problem of secure data aggregation in a distributed setting, while ensuring differential privacy of the result, and introduces a new distributed privacy mechanism with noise drawn from the Laplace distribution, which achieves smaller redundant noise with efficiency.
Abstract: This paper considers the problem of secure data aggregation (mainly summation) in a distributed setting, while ensuring differential privacy of the result. We study secure multiparty addition protocols using well known security schemes: Shamir's secret sharing, perturbation-based, and various encryptions. We supplement our study with our new enhanced encryption scheme EFT, which is efficient and fault tolerant. Differential privacy of the final result is achieved by either the distributed Laplace or Geometric mechanism (respectively DLPA or DGPA), while approximated differential privacy is achieved by diluted mechanisms. Distributed random noise is generated collectively by all participants, who draw random variables from one of several distributions: Gamma, Gauss, Geometric, or their diluted versions. We introduce a new distributed privacy mechanism with noise drawn from the Laplace distribution, which achieves smaller redundant noise with efficiency. We compare complexity and security characteristics of the protocols with different differential privacy mechanisms and security schemes. More importantly, we implemented all protocols and present an experimental comparison on their performance and scalability in a real distributed environment. Based on the evaluations, we identify our security scheme and Laplace DLPA as the most efficient for secure distributed data aggregation with differential privacy.

124 citations


Proceedings ArticleDOI
30 Oct 2017
TL;DR: This work designs and implements a Distributed Oblivious Random Access Memory (DORAM) data structure that is optimized for use in two-party secure computation protocols, and finds that it still outperforms the fastest previously known constructions, Circuit ORAM and Square-root ORAM, for datasets that are 32 KiB or larger.
Abstract: We design and implement a Distributed Oblivious Random Access Memory (DORAM) data structure that is optimized for use in two-party secure computation protocols. We improve upon the access time of previous constructions by a factor of up to ten, their memory overhead by a factor of one hundred or more, and their initialization time by a factor of thousands. We are able to instantiate ORAMs that hold $2^{34}$ bytes, and perform operations on them in seconds, which was not previously feasible with any implemented scheme. Unlike prior ORAM constructions based on hierarchical hashing, permutation, or trees, our Distributed ORAM is derived from the new Function Secret Sharing scheme introduced by Boyle, Gilboa and Ishai. This significantly reduces the amount of secure computation required to implement an ORAM access, albeit at the cost of O(n) efficient local memory operations. We implement our construction and find that, despite its poor O(n) asymptotic complexity, it still outperforms the fastest previously known constructions, Circuit ORAM and Square-root ORAM, for datasets that are 32 KiB or larger, and outperforms prior work on applications such as stable matching or binary search by factors of two to ten.

122 citations


Journal ArticleDOI
TL;DR: This work establishes an unconditional security proof for entanglement-based continuous-variable quantum secret sharing schemes, in the limit of asymptotic keys and for an arbitrary number of players, and demonstrates theoretically the feasibility of the scheme, which can be implemented by Gaussian states and homodyne measurements, with no need for ideal single-photon sources or quantum memories.
Abstract: The need for secrecy and security is essential in communication. Secret sharing is a conventional protocol to distribute a secret message to a group of parties, who cannot access it individually but need to cooperate in order to decode it. While several variants of this protocol have been investigated, including realizations using quantum systems, the security of quantum secret sharing schemes still remains unproven almost two decades after their original conception. Here we establish an unconditional security proof for entanglement-based continuous-variable quantum secret sharing schemes, in the limit of asymptotic keys and for an arbitrary number of players. We tackle the problem by resorting to the recently developed one-sided device-independent approach to quantum key distribution. We demonstrate theoretically the feasibility of our scheme, which can be implemented by Gaussian states and homodyne measurements, with no need for ideal single-photon sources or quantum memories. Our results contribute to validating quantum secret sharing as a viable primitive for quantum technologies.

122 citations


Posted Content
TL;DR: Chameleon, as presented in this paper, is a hybrid mixed-protocol framework for secure function evaluation (SFE) which enables two parties to jointly compute a function without disclosing their private inputs, and which supports signed fixed-point numbers.
Abstract: We present Chameleon, a novel hybrid (mixed-protocol) framework for secure function evaluation (SFE) which enables two parties to jointly compute a function without disclosing their private inputs. Chameleon combines the best aspects of generic SFE protocols with the ones that are based upon additive secret sharing. In particular, the framework performs linear operations in the ring $\mathbb{Z}_{2^l}$ using additively secret shared values and nonlinear operations using Yao's Garbled Circuits or the Goldreich-Micali-Wigderson protocol. Chameleon departs from the common assumption of additive or linear secret sharing models where three or more parties need to communicate in the online phase: the framework allows two parties with private inputs to communicate in the online phase under the assumption of a third node generating correlated randomness in an offline phase. Almost all of the heavy cryptographic operations are precomputed in an offline phase which substantially reduces the communication overhead. Chameleon is both scalable and significantly more efficient than the ABY framework (NDSS'15) it is based on. Our framework supports signed fixed-point numbers. In particular, Chameleon's vector dot product of signed fixed-point numbers improves the efficiency of mining and classification of encrypted data for algorithms based upon heavy matrix multiplications. Our evaluation of Chameleon on a 5-layer convolutional deep neural network shows 133x and 4.2x faster executions than Microsoft CryptoNets (ICML'16) and MiniONN (CCS'17), respectively.

100 citations


Proceedings ArticleDOI
25 Jun 2017
TL;DR: This work considers the setting of a master server who possesses confidential data and wants to run intensive computations on it, as part of a machine learning algorithm for example, and proposes to use new secure codes, called Staircase codes, introduced previously by two of the authors.
Abstract: We consider the setting of a master server who possesses confidential data (genomic, medical data, etc.) and wants to run intensive computations on it, as part of a machine learning algorithm for example. The master wants to distribute these computations to untrusted workers who have volunteered or are incentivized to help with this task. However, the data must be kept private (in an information-theoretic sense) and not revealed to the individual workers. The workers may be busy and will take a random time to finish the task assigned to them. We are interested in reducing the aggregate delay experienced by the master. We focus on linear computations as an essential operation in many iterative algorithms. A known solution is to use a linear secret sharing scheme to divide the data into secret shares on which the workers can compute. We propose to use instead new secure codes, called Staircase codes, introduced previously by two of the authors. We study the delay induced by Staircase codes, which is always less than that of secret sharing. The reason is that secret sharing schemes need to wait for the responses of a fixed fraction of the workers, whereas Staircase codes offer more flexibility in this respect. For instance, for codes with rate R = 1/2, Staircase codes can lead to up to 40% reduction in delay compared to secret sharing.

81 citations


Journal ArticleDOI
TL;DR: In this article, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled DSC and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively.
Abstract: Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, the set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation task that can be performed using fully quantum protocols can also be performed in a semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus fundamentally different from the existing semi-quantum schemes that are conjugate-coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.

77 citations


Journal ArticleDOI
TL;DR: The weight enumerator is an immediate result of the complete weight enumerator, which shows that the codes proposed in this paper are three-weight linear codes that are suitable for secret sharing.
Abstract: Linear codes have been an interesting topic in both theory and practice for many years. In this paper, for an odd prime p, we present the explicit complete weight enumerator of a family of p-ary linear codes constructed with a defining set. The weight enumerator is an immediate result of the complete weight enumerator, which shows that the codes proposed in this paper are three-weight linear codes. Additionally, all nonzero codewords are minimal and thus they are suitable for secret sharing.

73 citations


Journal ArticleDOI
TL;DR: A flexible EHR sharing scheme supporting offline encryption of EHR and outsourced decryption of EHR ciphertexts in mobile cloud computing is proposed and is proven secure in the random oracle model under the static decisional bilinear Diffie–Hellman assumption.
Abstract: Electronic health record (EHR) systems are promising in the management of individuals' health. However, before being widely deployed in practical applications, EHR systems have to tackle the privacy and efficiency challenges. Most existing EHR sharing schemes suffer from severe efficiency drawbacks, resulting in inapplicability in mobile EHR systems. Furthermore, the security assumptions in the previous schemes are usually based on non-static assumptions. In this paper, we propose a flexible EHR sharing scheme supporting offline encryption of EHR and outsourced decryption of EHR ciphertexts in mobile cloud computing. The proposed scheme is proven secure in the random oracle model under the static decisional bilinear Diffie–Hellman assumption. In our EHR sharing system, an EHR owner only needs one multiplication in bilinear groups to generate the final EHR ciphertexts based on the offline ciphertext computation, and an EHR user can easily decrypt the EHR ciphertext without requiring bilinear pairing operations based on the transformed ciphertexts from the EHR cloud. Our EHR sharing scheme allows access structures encoded in linear secret sharing schemes. Performance comparisons indicate that our scheme is very suitable for mobile health clouds.

73 citations


Journal ArticleDOI
TL;DR: The test outcomes have revealed that the peak signal-to-noise ratio is 58.0025, the mean square error value is 0.1164 and the correlation coefficient is 1 for the decrypted image, without any sort of distortion of the original image.
Abstract: In visual cryptography, many shares are generated which are illogical, containing a certain message within themselves. When all shares are piled jointly, they tend to expose the secret of the image. The notion of a visual secret sharing scheme is to encrypt a secret image into n illogical share images. It is unable to reveal any data on the original image if at least one of the shares is not obtained. The original image, in fact, is realized by overlapping the entire set of shares directly, in order that the human visual system is competent to identify the collective secret image without employing any complicated computational tools. Therefore, they are communicated steadily as a number of shares. The elliptic curve cryptography approach, in turn, is employed to augment the privacy and safety of the image. The new-fangled technique is utilized to generate the multiple shares which are subjected to encryption and decryption by means of the elliptic curve cryptography technique. The test outcomes have revealed that the peak signal-to-noise ratio is 58.0025, the mean square error value is 0.1164 and the correlation coefficient is 1 for the decrypted image, without any sort of distortion of the original image.

Proceedings ArticleDOI
01 May 2017
TL;DR: This work proposes a Basic User Recruitment (BUR) protocol based on a greedy strategy, which can recruit nearly the minimum number of users while ensuring that the total sensing quality of each task is no less than a given threshold, and proposes a Secure User Recruitment (SUR) protocol by using secret sharing schemes.
Abstract: Mobile crowdsensing is a new paradigm in which a requester can recruit a group of mobile users via a platform and coordinate them to perform some sensing tasks by using their smartphones. In mobile crowdsensing, each user might perform multiple tasks with different sensing qualities. An important problem is recruiting the minimum number of users while achieving a satisfactory sensing quality for each task. Meanwhile, in order to ease users' worries about privacy disclosures, the user recruitment process needs to protect each user's sensing quality information from being revealed to other users or to the platform. We prove that this problem is NP-hard. To solve this problem, we first propose a Basic User Recruitment (BUR) protocol based on a greedy strategy, which can recruit nearly the minimum number of users while ensuring that the total sensing quality of each task is no less than a given threshold. Based on BUR, we further propose a Secure User Recruitment (SUR) protocol by using secret sharing schemes. We analyze the approximation ratio and prove the security of the SUR protocol in the semi-honest model. Moreover, we extend SUR to deal with a more general case where the total sensing quality of each task might be an increasing submodular function. Finally, we demonstrate the significant performance of the proposed protocol through extensive simulations and execution on real smartphones.

Journal ArticleDOI
TL;DR: Performance evaluation and security analysis demonstrate that the proposed SMIE-SIS with arbitrary settings has at least five advantages: it is able to fully recover the original image without any distortion; it has much lower pixel expansion than many existing methods; its computation cost is much lower than the polynomial-based secret image sharing methods.
Abstract: This paper first introduces a $(k,n)$-sharing matrix $S^{(k, n)}$ and its generation algorithm. Mathematical analysis is provided to show its potential for secret image sharing. Combining the sharing matrix with image encryption, we further propose a lossless $(k,n)$-secret image sharing scheme (SMIE-SIS). Only with no fewer than $k$ shares can all the ciphertext information and the security key be reconstructed, which results in a lossless recovery of the original information. This can be proved by the correctness and security analysis. Performance evaluation and security analysis demonstrate that the proposed SMIE-SIS with arbitrary settings of $k$ and $n$ has at least five advantages: 1) it is able to fully recover the original image without any distortion; 2) it has much lower pixel expansion than many existing methods; 3) its computation cost is much lower than the polynomial-based secret image sharing methods; 4) it is able to verify and detect a fake share; and 5) even using the same original image with the same initial settings of parameters, every execution of SMIE-SIS is able to generate completely different secret shares that are unpredictable and non-repetitive. This property offers SMIE-SIS a high level of security to withstand many different attacks.

Book ChapterDOI
13 Apr 2017
TL;DR: In this paper, the effect of the physical placement on the security using leakage assessment on power measurements collected from an FPGA was investigated, where threshold implementations were used as masking scheme in conjunction with a high-entropy pseudorandom number generator.
Abstract: Masking schemes achieve provable security against side-channel analysis by using secret sharing to decorrelate key-dependent intermediate values of the cryptographic algorithm and side-channel information. Masking schemes make assumptions on how the underlying leakage mechanisms of hardware or software behave to account for various physical effects. In this paper, we investigate the effect of the physical placement on the security using leakage assessment on power measurements collected from an FPGA. In order to differentiate other masking failures, we use threshold implementations as masking scheme in conjunction with a high-entropy pseudorandom number generator. We show that we can observe differences in—possibly—exploitable leakage by placing functions corresponding to different shares of a cryptographic implementation in close proximity.

Proceedings ArticleDOI
01 Jun 2017
TL;DR: This paper designs, implements, and evaluates ∝MDL, a new MDL paradigm built upon three primitives: asynchronous optimization, lightweight homomorphic encryption, and threshold secret sharing, which demonstrates the efficacy of ∝ MDL.
Abstract: In this paper, we consider the problem of multiparty deep learning (MDL), wherein autonomous data owners jointly train accurate deep neural network models without sharing their private data. We design, implement, and evaluate ∝MDL, a new MDL paradigm built upon three primitives: asynchronous optimization, lightweight homomorphic encryption, and threshold secret sharing. Compared with prior work, ∝MDL departs in significant ways: a) besides providing explicit privacy guarantee, it retains desirable model utility, which is paramount for accuracy-critical domains; b) it provides an intuitive handle for the operator to gracefully balance model utility and training efficiency; c) moreover, it supports delicate control over communication and computational costs by offering two variants, operating under loose and tight coordination respectively, thus optimizable for given system settings (e.g., limited versus sufficient network bandwidth). Through extensive empirical evaluation using benchmark datasets and deep learning architectures, we demonstrate the efficacy of ∝MDL.

Journal ArticleDOI
TL;DR: This paper defines the complete weight enumerator of a class of p -ary linear codes, and gets their weight enumerators explicitly, which will give several linear codes with a few weights.

Posted Content
TL;DR: The Distributed Oblivious Random Access Memory (DORAM) data structure proposed in this article is optimized for use in two-party secure computation protocols and can be instantiated in seconds.
Abstract: We design and implement a Distributed Oblivious Random Access Memory (DORAM) data structure that is optimized for use in two-party secure computation protocols. We improve upon the access time of previous constructions by a factor of up to ten, their memory overhead by a factor of one hundred or more, and their initialization time by a factor of thousands. We are able to instantiate ORAMs that hold $2^{34}$ bytes, and perform operations on them in seconds, which was not previously feasible with any implemented scheme. Unlike prior ORAM constructions based on hierarchical hashing, permutation, or trees, our Distributed ORAM is derived from the new Function Secret Sharing scheme introduced by Boyle, Gilboa and Ishai. This significantly reduces the amount of secure computation required to implement an ORAM access, albeit at the cost of O(n) efficient local memory operations. We implement our construction and find that, despite its poor O(n) asymptotic complexity, it still outperforms the fastest previously known constructions, Circuit ORAM and Square-root ORAM, for datasets that are 32 KiB or larger, and outperforms prior work on applications such as stable matching or binary search by factors of two to ten.

Book ChapterDOI
18 Dec 2017
TL;DR: The core idea is to combine the blockchain technology with secret sharing scheme and homomorphic encryption in order to realize the decentralized e-voting application without a trusted third party.
Abstract: This research aims to design a decentralized e-voting system. The core idea is to combine blockchain technology with a secret sharing scheme and homomorphic encryption in order to realize a decentralized e-voting application without a trusted third party. It provides a public and transparent voting process while protecting the anonymity of the voter's identity, the privacy of data transmission and the verifiability of ballots during the billing phase.

Proceedings ArticleDOI
27 Mar 2017
TL;DR: A new secure online storage scheme based on an open P2P network without a central server that ensures that the user can identify the target nodes which stored his metadata by utilizing the Blockchain technology with only memorable secure information for user authentication.
Abstract: We propose a new secure online storage scheme based on an open P2P network without a central server. In the proposed scheme, attackers cannot detect target user data in the online storage because the user data is divided into several parts by secret sharing, and they are distributed to P2P nodes via anonymous communication. The proposed scheme can prevent the direct attack on the target user node because the metadata for the reconstruction is also hidden in the online storage, hence nothing remains in the user node. Even if the state of the P2P network varies over time between the storing and restoring operations, the proposed scheme ensures that the user can identify the target nodes which stored his metadata by utilizing the Blockchain technology with only memorable secure information for user authentication. Furthermore, a malicious node that attacks others can be detected and ruled out by the mutual monitoring among the nodes and the majority decision rule.

Journal ArticleDOI
TL;DR: This work develops a privacy-preserving and accountable authentication protocol for IoT end-devices with weaker identity, which integrates an adapted construction of short group signatures and Shamir’s secret sharing scheme.

Book ChapterDOI
10 Jul 2017
TL;DR: TOPPSS is presented, the most efficient Password-Protected Secret Sharing (PPSS) scheme to date and gives rise to efficient Threshold PAKE (T-PAKE) protocols that armor single-server password authentication against the inherent vulnerability to offline dictionary attacks in case of server compromise.
Abstract: We present TOPPSS, the most efficient Password-Protected Secret Sharing (PPSS) scheme to date. A (t, n)-threshold PPSS, introduced by Bagherzandi et al. [4], allows a user to share a secret among n servers so that the secret can later be reconstructed by the user from any subset of $t+1$ servers with the sole knowledge of a password. It is guaranteed that any coalition of up to t corrupt servers learns nothing about the secret (or the password). In addition to providing strong protection to secrets stored online, PPSS schemes give rise to efficient Threshold PAKE (T-PAKE) protocols that armor single-server password authentication against the inherent vulnerability to offline dictionary attacks in case of server compromise.

Journal ArticleDOI
TL;DR: Building on the witness encryption of Garg et al., the authors give a construction of a computational secret-sharing scheme for any monotone function in NP, assuming witness encryption for NP and one-way functions.
Abstract: A computational secret-sharing scheme is a method that enables a dealer, that has a secret, to distribute this secret among a set of parties such that a "qualified" subset of parties can efficiently reconstruct the secret while any "unqualified" subset of parties cannot efficiently learn anything about the secret. The collection of "qualified" subsets is defined by a monotone Boolean function. It has been a major open problem to understand which (monotone) functions can be realized by a computational secret-sharing scheme. Yao suggested a method for secret-sharing for any function that has a polynomial-size monotone circuit (a class which is strictly smaller than the class of monotone functions in $\mathsf{P}$). Around 1990 Rudich raised the possibility of obtaining secret-sharing for all monotone functions in $\mathsf{NP}$: in order to reconstruct the secret a set of parties must be "qualified" and provide a witness attesting to this fact. Recently, Garg et al. (Symposium on Theory of Computing Conference, STOC, pp 467–476, 2013) put forward the concept of witness encryption, where the goal is to encrypt a message relative to a statement $x \in L$ for a language $L \in \mathsf{NP}$ such that anyone holding a witness to the statement can decrypt the message; however, if $x \notin L$, then it is computationally hard to decrypt. Garg et al. showed how to construct several cryptographic primitives from witness encryption and gave a candidate construction. One can show that computational secret-sharing implies witness encryption for the same language. Our main result is the converse: we give a construction of a computational secret-sharing scheme for any monotone function in $\mathsf{NP}$ assuming witness encryption for $\mathsf{NP}$ and one-way functions.
As a consequence we get a completeness theorem for secret-sharing: a computational secret-sharing scheme for any single monotone $\mathsf{NP}$-complete function implies a computational secret-sharing scheme for every monotone function in $\mathsf{NP}$.

Journal ArticleDOI
TL;DR: Through generating the d-dimensional GHZ state in the Z-basis and measuring it in the X-Basis, a dynamic quantum secret sharing scheme is proposed that is more efficient and more practical.
Abstract: Through generating the d-dimensional GHZ state in the Z-basis and measuring it in the X-basis, a dynamic quantum secret sharing scheme is proposed. In the proposed scheme, multiple participants can be added or deleted in one update period, and the shared secret does not need to be changed. The participants can be added or deleted by themselves, and the dealer does not need to be online. Compared to the existing schemes, the proposed scheme is more efficient and more practical.

Journal ArticleDOI
TL;DR: During decryption, each plaintext image possessing all the correct keys can be successfully decrypted by measurement key regeneration, compression algorithm reconstruction, inverse wavelet transformation, and Fresnel transformation.

Journal ArticleDOI
01 Oct 2017
TL;DR: In this article, a survey of secret sharing schemes with respect to data security, data access and costs in the pay-as-you-go paradigm is presented, and the most advanced variants indeed simultaneously enforce data privacy, availability and integrity, while allowing computation on encrypted data.
Abstract: Cloud computing helps reduce costs, increase business agility and deploy solutions with a high return on investment for many types of applications. However, data security is of premium importance to many users and often restrains their adoption of cloud technologies. Various approaches, i.e., data encryption, anonymization, replication and verification, help enforce different facets of data security. Secret sharing is a particularly interesting cryptographic technique. Its most advanced variants indeed simultaneously enforce data privacy, availability and integrity, while allowing computation on encrypted data. The aim of this paper is thus to wholly survey secret sharing schemes with respect to data security, data access and costs in the pay-as-you-go paradigm.

Journal ArticleDOI
TL;DR: A novel (t,n)-threshold secret image sharing scheme based on Shamir's polynomial interpolation paradigm with good randomness of shadow images, little correlation between adjacent pixels, and high entropy is proposed.
Abstract: We propose a novel (t,n)-threshold secret image sharing scheme based on Shamir's polynomial interpolation paradigm. The proposed scheme is a derivative of Thien and Lin's (Computers & Graphics 26(5):765–770, [13]) and some of its variants by ensuring less intrusive changes in the secret image. This is achieved by cyclically shifting the bits of the secret image, thus allowing a modification in the least significant bit to have a large effect on the values used in computation of shadow images. Statistical tests and simulations are presented to show the efficiency and robustness of the proposed scheme, in particular good randomness of shadow images, little correlation between adjacent pixels, and high entropy. Competence of the proposed scheme is further demonstrated by means of comparison with existing schemes.

Journal ArticleDOI
TL;DR: A quantum secret sharing scheme that uses an orthogonal pair of n-qudit GHZ states and local distinguishability and (2, n)-threshold schemes that enable any two cooperating players from two disjoint groups to always reconstruct the secret.
Abstract: We propose a quantum secret sharing scheme that uses an orthogonal pair of n-qudit GHZ states and local distinguishability. In the proposed protocol, the participants use an X-basis measurement and classical communication to distinguish between the two orthogonal states and reconstruct the original secret. We also present (2, n)-threshold and generalized restricted (2, n)-threshold schemes that enable any two cooperating players from two disjoint groups to always reconstruct the secret. Compared to the existing scheme by Rahaman and Parker (Phys Rev A 91:022330, 2015), the proposed scheme is more general and the access structure contains more authorized sets.

Journal ArticleDOI
TL;DR: A lattice based threshold multi-stage secret sharing (MSSS) scheme according to Ajtai’s construction for one-way functions that is multi-use in the sense that to share a new set of secrets, it is sufficient to renew some public information such that a new share distribution is no longer required.
Abstract: In this paper, we construct a lattice based threshold multi-stage secret sharing (MSSS) scheme according to Ajtai's construction for one-way functions. In an MSSS scheme, the authorized subsets of participants can recover a subset of secrets at each stage while other secrets remain undisclosed. In this paper, each secret is a vector from a $t$-dimensional lattice and the basis of each lattice is kept private. A $t$-subset of $n$ participants can recover the secret(s) using their assigned shares. Using a lattice based one-way function, even after some secrets are revealed, the computational security of the unrecovered secrets is provided against quantum computers. The scheme is multi-use in the sense that to share a new set of secrets, it is sufficient to renew some public information such that a new share distribution is no longer required. Furthermore, the scheme is verifiable meaning that the participants can verify the shares received from the dealer and the recovered secrets from the combiner, using public information.

Journal ArticleDOI
TL;DR: This paper proposes a novel privacy-preserving handover authentication protocol with non-frameability, based on (t, n) secret sharing, to fit in with all of the mobility scenarios in the LTE/LTE-A networks, which is called Nframe.
Abstract: Seamless handover between the evolved universal terrestrial radio access network and other access networks is highly desirable to mobile equipment in the long term evolution (LTE) or LTE-Advanced (LTE-A) networks, but ensuring the security and efficiency of this process is challenging. In this paper, we propose a novel privacy-preserving handover authentication protocol with non-frameability, based on (t, n) secret sharing, to fit in with all of the mobility scenarios in the LTE/LTE-A networks, which is called Nframe. To the best of our knowledge, Nframe is the first to support protecting users' privacy with non-frameability in the handover process. Moreover, Nframe uses a pairing-free identity-based cryptographic method to secure the handover process and to achieve high efficiency. The formal verification by the AVISPA tool shows that Nframe is secure against various malicious attacks, and the simulation result indicates that it outperforms the existing schemes in terms of computation and communication cost.

Posted Content
TL;DR: In this article, a general framework for defining homomorphic secret sharing (HSS) schemes is presented, which unifies and extends several previous notions from the literature, and cast known results within this framework.
Abstract: Homomorphic secret sharing (HSS) is the secret sharing analogue of homomorphic encryption. An HSS scheme supports a local evaluation of functions on shares of one or more secret inputs, such that the resulting shares of the output are short. Some applications require the stronger notion of additive HSS, where the shares of the output add up to the output over some finite Abelian group. While some strong positive results for HSS are known under specific cryptographic assumptions, many natural questions remain open. We initiate a systematic study of HSS, making the following contributions.
- A definitional framework. We present a general framework for defining HSS schemes that unifies and extends several previous notions from the literature, and cast known results within this framework.
- Limitations. We establish limitations on information-theoretic multi-input HSS with short output shares via a relation with communication complexity. We also show that additive HSS for non-trivial functions, even the AND of two input bits, implies non-interactive key exchange, and is therefore unlikely to be implied by public-key encryption or even oblivious transfer.
- Applications. We present two types of applications of HSS. First, we construct 2-round protocols for secure multiparty computation from a simple constant-size instance of HSS. As a corollary, we obtain 2-round protocols with attractive asymptotic efficiency features under the Decisional Diffie-Hellman (DDH) assumption. Second, we use HSS to obtain nearly optimal worst-case to average-case reductions in P. This in turn has applications to fine-grained average-case hardness and verifiable computation.