
Verifiable secret sharing

About: Verifiable secret sharing is a research topic. Over the lifetime, 4241 publications have been published within this topic receiving 99569 citations.


Papers
Patent
Mehrdad Nadooshan, Jian Ren
19 Sep 2002
TL;DR: The multiple threshold secret sharing scheme as mentioned in this paper divides a secret value, R, into n secret components (R1, R2, ..., Rn) and one super component, S, in such a way that R can be computed from (i) any k or more Ri components (k < n); or (ii) S and any one component of Ri.
Abstract: A method and apparatus are disclosed for managing components of a secret key according to a secret sharing scheme. The disclosed secret sharing scheme divides a secret value, R, into n secret components (R1, R2, ..., Rn) and one super component, S, in such a way that R can be computed from (i) any k or more Ri components (k < n); or (ii) S and any one component of Ri. The secret components (R1, R2, ..., Rn) are distributed to a number of authorized users. A multiple threshold secret sharing scheme assigns various users in a group into one of a number of classes. Each user class has a corresponding threshold level that indicates the number of users that must come together with their assigned components to obtain access to the shared secret. The multiple threshold scheme divides the secret into n components each having an assigned threshold level (i.e., the number of such components that are required to obtain the secret). Any component having a lower threshold level can satisfy the role of a component having a higher threshold level. The multiple threshold scheme provides a hierarchical scheme that allows the secret, R, to be shared among different groups of people with different thresholds.

26 citations

Book Chapter
09 May 1994
TL;DR: This paper presents an outline of an algorithm for determining whether a rational number can be realized as information rate by means of the generalized vector space construction and shows a correspondence between the duality of access structures and the duality of codes.
Abstract: In this paper, we generalize the vector space construction due to Brickell [5]. This generalization, introduced by Bertilsson [1], leads to perfect secret sharing schemes with rational information rates in which the secret can be computed efficiently by each qualified group. A one to one correspondence between the generalized construction and linear block codes is stated. It turns out that the approach of minimal codewords by Massey [15] is a special case of this construction. For general access structures we present an outline of an algorithm for determining whether a rational number can be realized as information rate by means of the generalized vector space construction. If so, the algorithm produces a perfect secret sharing scheme with this information rate. As a side-result we show a correspondence between the duality of access structures and the duality of codes.

25 citations

Journal Article
TL;DR: In this paper, the authors proposed a new paradigm for the security of quantum key distribution (QKD) that addresses two fundamental weaknesses of the existing paradigm for QKD.
Abstract: The existing paradigm for the security of quantum key distribution (QKD) suffers from two fundamental weaknesses. First, covert channels have emerged as an important threat and have attracted a lot of attention in security research in conventional information and communication systems. Covert channels (e.g. memory attacks) can fatally break the security of even device-independent quantum key distribution (DI-QKD), whenever QKD devices are re-used. Second, it is often implicitly assumed that the classical post-processing units of a QKD system are trusted. This is a rather strong assumption and is very hard to justify in practice. Here, we propose a new paradigm for the security of QKD that addresses these two fundamental problems. Specifically, we show that by using verifiable secret sharing and multiple optical devices and classical post-processing units, one could re-establish the security of QKD. Our techniques are rather general and they apply to both DI-QKD and non-DI-QKD.

25 citations

Patent
12 Jul 2006
TL;DR: A process for handling secret data in an RFID tag, where a cryptography key protecting the secret data is written while with a first holder, a threshold cryptography share is stored, or an arbitrary value is obtained for an identity-based encryption (IBE) algorithm as discussed by the authors.
Abstract: A process for handling secret data. In an RFID tag, a cryptography key protecting the secret data is written while with a first holder, a threshold cryptography share is stored, or an arbitrary value is obtained for an identity-based encryption (IBE) algorithm. The cryptography key can then be read and used by a second holder to access the secret data, the threshold cryptography shares can be read and aggregated with other shares to access the secret data, or the arbitrary value can be used as the basis for a public key to protect the secret data and with a corresponding private key to access the secret data.

25 citations

Journal Article
TL;DR: This work proposes a secure outsourcing algorithm for modular exponentiation in one single untrusted server model and a new method to generate the transformation key, which can securely outsource encryption and decryption to untrusted encryption service provider (ESP) and decryption service provider (DSP), respectively, leaving only a constant number of simple operations for the DO and eligible users to perform locally.
Abstract: Attribute-based encryption (ABE) is a promising cryptographic tool for data owner (DO) to realize fine-grained data sharing in the cloud computing. In the encryption of most existing ABE schemes, a substantial number of modular exponentiations are often required; the computational cost of it is growing linearly with the complexity of the access policy. Besides, in the most existing ABE with outsourced decryption, the computation cost of generating transformation key is growing linearly with the number of attributes associated with user private key; these computations are prohibitively high for mobile device users, which becomes a bottleneck limiting its application. To address the above issues, we propose a secure outsourcing algorithm for modular exponentiation in one single untrusted server model and a new method to generate the transformation key. Based on these techniques and Brent Waters's ciphertext-policy ABE scheme, we propose an ABE scheme with verifiable outsourced both encryption and decryption, which can securely outsource encryption and decryption to untrusted encryption service provider (ESP) and decryption service provider (DSP), respectively, leaving only a constant number of simple operations for the DO and eligible users to perform locally. In addition, both DO and the eligible users can check the correctness of results returned from the ESP and the DSP with a probability, respectively. Finally, we provide the experimental evaluation and security analysis of our scheme, which indicates that our construction is suitable for the mobile environment.

25 citations


Network Information
Related Topics (5)
Cryptography: 37.3K papers, 854.5K citations, 89% related
Encryption: 98.3K papers, 1.4M citations, 88% related
Authentication: 74.7K papers, 867.1K citations, 87% related
Server: 79.5K papers, 1.4M citations, 82% related
Time complexity: 36K papers, 879.5K citations, 81% related
Performance Metrics
No. of papers in the topic in previous years
Year  Papers
2023  284
2022  643
2021  225
2020  288
2019  233
2018  228