Verifiable secret sharing

About: Verifiable secret sharing is a research topic. Over the lifetime, 4241 publications have been published within this topic receiving 99569 citations.

Building Verifiable Trusted Path on Commodity x86 Computers

Abstract: A trusted path is a protected channel that assures the secrecy and authenticity of data transfers between a user's input/output (I/O) device and a program trusted by that user We argue that, despite its incontestable necessity, current commodity systems do not support trusted path with any significant assurance This paper presents a hyper visor-based design that enables a trusted path to bypass an untrusted operating-system, applications, and I/O devices, with a minimal Trusted Computing Base (TCB) We also suggest concrete I/O architectural changes that will simplify future trusted-path system design Our system enables users to verify the states and configurations of one or more trusted-paths using a simple, secret less, hand-held device We implement a simple user-oriented trusted path as a case study

Verifiable trust for data through wrapper composition

Abstract: A digital escrow pattern for data services can include selective access for obscured data at a remote site or in a cloud service, distributing trust across multiple entities to avoid a single point of data compromise. Based on the pattern, a "trustworthy envelope" for any kind of payload enables curtained access through a variety of decorations or seals placed on the envelope that allow for a gamut of trust ranging with guarantees such as, but not limited to, confidentiality, privacy, anonymity, tamper detection, integrity, etc. Verifiable trust is provided through families of techniques that are referred to as wrapper composition. Multiple concentric and/or lateral transform wrappers or layers can wholly or partially transform data, metadata or both to mathematical transform (e.g., encrypt, distribute across storage, obscure) or otherwise introduce lack of visibility to some or all of the data, metadata or both.

An Efficient Dynamic and Distributed Cryptographic Accumulator

Abstract: We show how to use the RSA one-way accumulator to realize an efficient and dynamic authenticated dictionary, where untrusted directories provide cryptographically verifiable answers to membership queries on a set maintained by a trusted source. Our accumulator-based scheme for authenticated dictionaries supports efficient incremental updates of the underlying set by insertions and deletions of elements. Also, the user can optimally verify in constant time the authenticity of the answer provided by a directory with a simple and practical algorithm. This work has applications to certificate revocation in public key infrastructure and end-to-end integrity of data collections published by third parties on the Internet.

TMACS: A Robust and Verifiable Threshold Multi-Authority Access Control System in Public Cloud Storage

Abstract: Attribute-based Encryption (ABE) is regarded as a promising cryptographic conducting tool to guarantee data owners’ direct control over their data in public cloud storage. The earlier ABE schemes involve only one authority to maintain the whole attribute set, which can bring a single-point bottleneck on both security and performance. Subsequently, some multi-authority schemes are proposed, in which multiple authorities separately maintain disjoint attribute subsets. However, the single-point bottleneck problem remains unsolved. In this paper, from another perspective, we conduct a threshold multi-authority CP-ABE access control scheme for public cloud storage, named TMACS, in which multiple authorities jointly manage a uniform attribute set. In TMACS, taking advantage of ( $t,n$ ) threshold secret sharing, the master key can be shared among multiple authorities, and a legal user can generate his/her secret key by interacting with any $t$ authorities. Security and performance analysis results show that TMACS is not only verifiable secure when less than $t$ authorities are compromised, but also robust when no less than $t$ authorities are alive in the system. Furthermore, by efficiently combining the traditional multi-authority scheme with TMACS, we construct a hybrid one, which satisfies the scenario of attributes coming from different authorities as well as achieving security and system-level robustness.

Multiparty secret sharing of quantum information using and identifying Bell states

Abstract: In this paper, only Bell states are employed and needed to be identified to realize the multiparty secret sharing of quantum information, where the secret is an arbitrary unknown quantum state in a qubit. In our multiparty quantum information secret sharing (QISS) scheme, no subset of all the quantum information receivers is sufficient to reconstruct the unknown state in a qubit but the entire is. The present multiparty QISS scheme is more feasible with present-clay technique.