Verifiable secret sharing

About: Verifiable secret sharing is a research topic. Over the lifetime, 4241 publications have been published within this topic receiving 99569 citations.

Verifiable Random Functions (VRFs)

Abstract: A Verifiable Random Function (VRF) is the public-key version of a keyed cryptographic hash. Only the holder of the private key can compute the hash, but anyone with public key can verify the correctness of the hash. VRFs are useful for preventing enumeration of hash-based data structures. This document specifies several VRF constructions that are secure in the cryptographic random oracle model. One VRF uses RSA and the other VRF uses Eliptic Curves (EC).

On the optimization of bipartite secret sharing schemes

Abstract: Optimizing the ratio between the maximum length of the shares and the length of the secret value in secret sharing schemes for general access structures is an extremely difficult and long-standing open problem. In this paper, we study it for bipartite access structures, in which the set of participants is divided in two parts, and all participants in each part play an equivalent role. We focus on the search of lower bounds by using a special class of polymatroids that is introduced here, the tripartite ones. We present a method based on linear programming to compute, for every given bipartite access structure, the best lower bound that can be obtained by this combinatorial method. In addition, we obtain some general lower bounds that improve the previously known ones, and we construct optimal secret sharing schemes for a family of bipartite access structures.

Generalized secret sharing and group-key distribution using short keys

Abstract: We relate two basic primitives: generalized secret sharing and group-key distribution. We suggest cryptographic implementations for both and show that they are provably secure according to exact definitions and assumptions given in the present paper. Both solutions require small secret space (namely, short keys). We first consider secret sharing with arbitrary access structures which is a basic primitive for controlling retrieval of secret information. We consider the computational security model, where cryptographic assumptions are allowed. Our design of a general secret-sharing scheme requires considerably less secure memory (i.e., shorter keys) than before. We then introduce the notion of a (single source) group-key distribution protocol which allows a center in an integrated network to securely and repeatedly send different keys to different groups. Such a capability is of increasing importance as it is a building block for secret information dissemination to various groups of participants in the presence of eavesdropping in a network environment. There are only a few previous investigations concerning this primitive and they either require a large amount of storage of secret information (due to their information theoretic security model) or lack rigorous definitions and proofs of security. We base both primitives on pseudo-random functions. We prove that the two are related; we give a reduction showing that group-key distribution implies secret-sharing under pseudo-random functions (i.e., one-way functions).