
Verifiable secret sharing

About: Verifiable secret sharing is a research topic. Over its lifetime, 4241 publications have been published within this topic, receiving 99569 citations.


Papers
Posted Content
TL;DR: This work proposes a novel cryptographic solution, called verifiable attribute-based keyword search (VABKS), which allows a data user to search over the data owner's outsourced encrypted data, outsource the tedious search operations to the cloud, and verify whether the cloud has faithfully executed the search operations.
Abstract: It is common nowadays for data owners to outsource their data to the cloud. Since the cloud cannot be fully trusted, the outsourced data should be encrypted. This however brings a range of problems, such as: How should a data owner grant search capabilities to the data users? How can the authorized data users search over a data owner's outsourced encrypted data? How can the data users be assured that the cloud faithfully executed the search operations on their behalf? Motivated by these questions, we propose a novel cryptographic solution, called verifiable attribute-based keyword search (VABKS). The solution allows a data user, whose credentials satisfy a data owner's access control policy, to (i) search over the data owner's outsourced encrypted data, (ii) outsource the tedious search operations to the cloud, and (iii) verify whether the cloud has faithfully executed the search operations. We formally define the security requirements of VABKS and describe a construction that satisfies them. Performance evaluation shows that the proposed schemes are practical and deployable.

70 citations

Proceedings Article
18 Aug 2008
TL;DR: MPSS allows the number of tolerated faulty shareholders to change when the secret is moved so that the system can tolerate more (or fewer) corruptions, and allows reconfiguration on the fly to accommodate changes in the environment.
Abstract: MPSS is a new way to do proactive secret sharing in asynchronous networks. MPSS provides mobility: The group of nodes holding the shares of the secret can change at each resharing, which is essential in a long-lived system. MPSS additionally allows the number of tolerated faulty shareholders to change when the secret is moved so that the system can tolerate more (or fewer) corruptions; this allows reconfiguration on the fly to accommodate changes in the environment.

70 citations

Proceedings Article
Li Bai
26 Jun 2006
TL;DR: A strong (k,n) threshold-based ramp secret sharing scheme with k access levels with large compression rate on the size of the shares and strong protection of the secrets is presented.
Abstract: This paper presents a strong (k,n) threshold-based ramp secret sharing scheme with k access levels. The secrets are the elements represented in a square matrix S. The secret matrix S can be shared among n different participants using a matrix projection technique where: i) any subset of k participants can collaborate together to reconstruct the secret, and ii) any subset of (k-1) or fewer participants cannot partially discover the secret matrix. The primary advantages are its large compression rate on the size of the shares and its strong protection of the secrets.

70 citations

Proceedings Article
18 Aug 2008
TL;DR: A Byzantine agreement protocol that simultaneously achieves three properties: (optimal) resilience: it works as long as n>3t; (almost-sure) termination: with probability one, all nonfaulty processes terminate; (polynomial) efficiency: the expected computation time, memory consumption, message size, and number of messages sent are all polynomial in n.
Abstract: Consider an asynchronous system with private channels and n processes, up to t of which may be faulty. We settle a longstanding open question by providing a Byzantine agreement protocol that simultaneously achieves three properties: (optimal) resilience: it works as long as n>3t; (almost-sure) termination: with probability one, all nonfaulty processes terminate; (polynomial) efficiency: the expected computation time, memory consumption, message size, and number of messages sent are all polynomial in n. Earlier protocols have achieved only two of these three properties. In particular, the protocol of Bracha is not polynomially efficient, the protocol of Feldman and Micali is not optimally resilient, and the protocol of Canetti and Rabin does not have almost-sure termination. Our protocol utilizes a new primitive called shunning (asynchronous) verifiable secret sharing (SVSS), which ensures, roughly speaking, that either a secret is successfully shared or a new faulty process is ignored from this point onwards by some nonfaulty process.

69 citations

Book Chapter
Isamu Teranishi, Kazue Sako
24 Apr 2006
TL;DR: This work proposes a k-TAA scheme where the numbers of exponentiations required for the entities in an authentication are independent of k, and presents an efficient publicly verifiable k-TAA scheme, where the number of modular exponentiations required for the entities is O(log(k)).
Abstract: A k-Times Anonymous Authentication (k-TAA) scheme allows users to be authenticated anonymously so long as the number of times that they are authenticated is within an allowable number. Some promising applications are e-voting, e-cash, e-coupons, and trial browsing of contents. However, the previous schemes are not efficient in the case where the allowable number k is large, since they require both users and verifiers to compute O(k) exponentiation in each authentication. We propose a k-TAA scheme where the numbers of exponentiations required for the entities in an authentication are independent of k. Moreover, we propose a notion of public detectability in a k-TAA scheme and present an efficient publicly verifiable k-TAA scheme, where the number of modular exponentiations required for the entities is O(log(k)).

69 citations


Network Information
Related Topics (5)
Cryptography: 37.3K papers, 854.5K citations, 89% related
Encryption: 98.3K papers, 1.4M citations, 88% related
Authentication: 74.7K papers, 867.1K citations, 87% related
Server: 79.5K papers, 1.4M citations, 82% related
Time complexity: 36K papers, 879.5K citations, 81% related
Performance
Metrics
No. of papers in the topic in previous years
Year    Papers
2023    284
2022    643
2021    225
2020    288
2019    233
2018    228