Ideal Multipartite Secret Sharing Schemes

Multipartite secret sharing schemes are those having a multipartite access structure, in which the set of participants is divided into several parts and all participants in the same part play an equivalent role. In this work, the characterization of ideal multipartite access structures is studied with all generality. Our results are based on the well-known connections between ideal secret sharing schemes and matroids and on the introduction of a new combinatorial tool in secret sharing, integer polymatroids .     

Multipartite Secret Sharing Based on CRT

Secure communication has become more and more important for system security. Since avoiding the use of encryption one by one can introduce less computation complexity, secret sharing scheme (SSS) has been used to design many security protocols. In SSSs, several authors have studied multipartite access structures, in which the set of participants is divided into several parts and all participants in the same part play an equivalent role. Access structures realized by threshold secret sharing are the simplest multipartite access structures, i.e., unipartite access structures. Since Asmuth–Bloom scheme based on Chinese remainder theorem (CRT) was presented for threshold secret sharing, recently, threshold cryptography based on Asmuth–Bloom secret sharing were firstly proposed by Kaya et al. In this paper, we extend Asmuth–Bloom and Kaya schemes to bipartite access structures and further investigate how SSSs realizing multipartite access structures can be conducted with the CRT. Actually, every access structure is multipartite and, hence, the results in this paper can be seen as a new construction of general SSS based on the CRT. Asmuth–Bloom and Kaya schemes become the special cases of our scheme.     

一类不可表示的多部秘密共享拟阵

 一直以来,理想的存取结构具有的特性是秘密共享领域中主要的开放性问题之一,并且该问题与拟阵论有着密切的联系.多部存取结构是指将参与者集合划分为多个部分,使得同一部分中的参与者在存取结构中扮演等价的角色,由于每个存取结构都可以看作是多部的,于是多部存取结构的特性被广泛地研究.在EUROCRYPT’07上,Farras等人研究了秘密共享方案中理想多部存取结构的特性.他们的工作具有令人振奋的结果：通过研究多部拟阵和离散多拟阵之间的关系,他们得到了多部存取结构为理想存取结构的一个必要条件和一个充分条件,并且证明了一个多部拟阵是可表示的当且仅当其对应的离散多拟阵是可表示的.在文中,他们给出了一个开放性问题：可表示的离散多拟阵具有的特性,即哪些离散多拟阵是可表示的,哪些是不可表示的.本文给出并证明了一类不可表示的离散多拟阵,即给出了一个离散多拟阵为不可表示的离散多拟阵的一个充分条件.我们将这一结论应用于Vamos拟阵,于是得到了一族不可表示的多部拟阵,同时我们利用向量的线性相关和线性无关性对Vamos拟阵的不可表示性给出了新的证明.     

Hierarchical Threshold Secret Sharing

We consider the problem of threshold secret sharing in groups with hierarchical structure. In such settings, the secret is shared among a group of participants that is partitioned into levels. The access structure is then determined by a sequence of threshold requirements: a subset of participants is authorized if it has at least k₀ 0 members from the highest level, as well as at least k₁ > k₀ members from the two highest levels and so forth. Such problems may occur in settings where the participants differ in their authority or level of confidence and the presence of higher level participants is imperative to allow the recovery of the common secret. Even though secret sharing in hierarchical groups has been studied extensively in the past, none of the existing solutions addresses the simple setting where, say, a bank transfer should be signed by three employees, at least one of whom must be a department manager. We present a perfect secret sharing scheme for this problem that, unlike most secret sharing schemes that are suitable for hierarchical structures, is ideal. As in Shamir's scheme, the secret is represented as the free coefficient of some polynomial. The novelty of our scheme is the usage of polynomial derivatives in order to generate lesser shares for participants of lower levels. Consequently, our scheme uses Birkhoff interpolation, i.e., the construction of a polynomial according to an unstructured set of point and derivative values. A substantial part of our discussion is dedicated to the question of how to assign identities to the participants from the underlying finite field so that the resulting Birkhoff interpolation problem will be well posed. In addition, we devise an ideal and efficient secret sharing scheme for the closely related hierarchical threshold access structures that were studied by Simmons and Brickell.     

基于极小线性码上的秘密共享方案

从理论上说,每个线性码都可用于构造秘密共享方案,但是在一般情况下,所构造的秘密共享方案的存取结构是难以确定的.本文提出了极小线性码的概念,指出基于这种码的对偶码所构造的秘密共享方案的存取结构是容易确定的.本文首先证明了极小线性码的缩短码一定是极小线性码.然后对几类不可约循环码给出它们为极小线性码的判定条件,并在理论上研究了基于几类不可约循环码的对偶码上的秘密共享方案的存取结构.最后用编程具体求出了一些实例中方案的存取结构.     

Secret image sharing scheme with hierarchical threshold access structure

A hierarchical threshold secret image sharing (HTSIS) scheme is a method to share a secret image among a set of participants with different levels of authority. Recently, Guo et al. (2012) [22] proposed a HTSIS scheme based on steganography and Birkhoff interpolation. However, their scheme does not provide the required secrecy needed for HTSIS schemes so that some non-authorized subsets of participants are able to recover parts of the secret image. In this paper, we employ cellular automata and Birkhoff interpolation to propose a secure HTSIS scheme. In the new scheme, each authorized subset of participants is able to recover both the secret and cover images losslessly whereas non-authorized subsets obtain no information about the secret image. Moreover, participants are able to detect tampering of the recovered secret image. Experimental results show that the proposed scheme outperforms Guo et al.’s approach in terms of visual quality as well.     

Secret sharing schemes with bipartite access structure

We study the information rate of secret sharing schemes whose access structure is bipartite. In a bipartite access structure there are two classes of participants and all participants in the same class play an equivalent role in the structure. We characterize completely the bipartite access structures that can be realized by an ideal secret sharing scheme. Both upper and lower bounds on the optimal information rate of bipartite access structures are given. These results are applied to the particular case of weighted threshold access structure with two weights     

Strongly ideal secret sharing schemes

We define strongly ideal secret sharing schemes to be ideal secret sharing schemes in which certain natural requirements are placed on the decoder. We prove an information-theoretic characterization of perfect schemes, and use it to determine which access structures can be encoded by strongly ideal schemes. We also discuss a hierarchy of secret sharing schemes that are more powerful than strongly ideal schemes.     

具有传递性质的接入结构上的秘密分享方案的构造

引入了具有传递性质的接入结构的概念,并给出一种构造具有这类接入结构的秘密分享方案的通用方法,该方法简捷易行.对要分享的一个秘密,不管一个参与者属于多少个最小合格子集,他只需保存一个秘密份额.而且用于分享多个秘密时,不需要增加分享者额外的信息保存量.因而优于已有的其他许多方法.文中还给出了实例以说明如何具体地构造具有这类接入结构的秘密分享方案.     

等级系统中的访问控制方案研究

本文基于Lagrange插值多项式,提出了等级系统中的一个访问控制方案,并从空间复杂度和时间复杂度角度分析了其性能.该方案具有很强的安全性,并且允许所有用户自主选择秘密密钥.提出了基于门限秘密共享体制的一般性访问控制方案,阐述了一般性的访问控制方案的基本思想、方案的构造算法及安全性.     

Ideal secret sharing schemes with multiple secrets

We consider secret sharing schemes which, through an initial issuing of shares to a group of participants, permit a number of different secrets to be protected. Each secret is associated with a (potentially different) access structure and a particular secret can be reconstructed by any group of participants from its associated access structure without the need for further broadcast information. We consider ideal secret sharing schemes in this more general environment. In particular, we classify the collections of access structures that can be combined in such an ideal secret sharing scheme and we provide a general method of construction for such schemes. We also explore the extent to which the results that connect ideal secret sharing schemes to matroids can be appropriately generalized.The work of the second and third authors was supported by the Australian Research Council.     

Linear codes from perfect nonlinear mappings and their secret sharing schemes

In this paper, error-correcting codes from perfect nonlinear mappings are constructed, and then employed to construct secret sharing schemes. The error-correcting codes obtained in this paper are very good in general, and many of them are optimal or almost optimal. The secret sharing schemes obtained in this paper have two types of access structures. The first type is democratic in the sense that every participant is involved in the same number of minimal-access sets. In the second type of access structures, there are a few dictators who are in every minimal access set, while each of the remaining participants is in the same number of minimal-access sets.     

On the size of shares for secret sharing schemes

A secret sharing scheme permits a secret to be shared among participants in such a way that only qualified subsets of participants can recover the secret, but any nonqualified subset has absolutely no information on the secret. The set of all qualified subsets defines the access structure to the secret. Sharing schemes are useful in the management of cryptographic keys and in multiparty secure protocols.We analyze the relationships among the entropies of the sample spaces from which the shares and the secret are chosen. We show that there are access structures with four participants for which any secret sharing scheme must give to a participant a share at least 50% greater than the secret size. This is the first proof that there exist access structures for which the best achievable information rate (i.e., the ratio between the size of the secret and that of the largest share) is bounded away from 1. The bound is the best possible, as we construct a secret sharing scheme for the above access structures that meets the bound with equality.This work was partially supported by Algoritmi, Modelli di Calcolo e Sistemi Informativi of M.U.R.S.T. and by Progetto Finalizzato Sistemi Informatici e Calcolo Parallelo of C.N.R. under Grant Number 91.00939.PF69.     

含至多四个参与者的量子秘密共享方案的最优信息率

信息率是衡量量子秘密共享方案性能的一个重要指标.在本文中,我们利用超图的相关理论刻画了量子存取结构.然后,利用超图和量子存取结构间的关系给出了参与者人数至多为4的所有13个量子存取结构,并基于量子信息论研究了其最优信息率及所对应的完善的量子秘密共享方案.对其中的5种存取结构的最优信息率的准确值进行了计算,并讨论了达到此信息率的方案的具体构造;对余下的8种存取结构的最优信息率的上界进行了计算.     

适用于任意接入结构的可验证多秘密分享方案

对一般接入结构上的可验证多秘密分享进行了研究，给出了可适用于任意接入结构的一类可验证多秘密分享方案的构造方法。用这种方法构造的可验证多秘密分享方案具有以下性质：可在一组分享者中同时分享多个秘密；分发者发送给每一分享者的秘密份额都是可公开验证的；关于每一秘密的公开信息也是可公开验证的；恢复秘密时可防止分享者提供假的份额。分析表明，用此方法构造的可验证多秘密分享方案不仅是安全的，而且是高效的。     

基于新型秘密共享方法的高效RSA门限签名方案

针对传统的门限RSA签名体制中需对剩余环Z(N)中元素求逆(而环中元素未必有逆)的问题,该文首先提出一种改进的Shamir秘密共享方法。 该方法通过在整数矩阵中的一系列运算来恢复共享密钥。由于其中涉及的参数均为整数,因此避免了传统方案中由Lagrange插值公式产生的分数而引起的环Z(N)中的求逆运算。然后基于该改进的秘密共享方法给出了一个新型的门限RSA Rivest Shanair Atleman签名方案。由于该方案无须在任何代数结构(比如Z(N))中对任何元素求逆,也无须进行代数扩张,因此在实际应用中更为方便、有效。     

基于向量空间接入结构的分布式密钥生成

密钥生成是密码系统的一个重要组成部分,其安全性对整个密码系统的安全性起着至关重要的作用.在群体保密通信、电子商务和面向群体的密码学中,往往需要采用分布式的密钥生成方式.本文对基于向量空间接入结构的分布式密钥生成进行了研究.以向量空间接入结构上信息论安全的一个可验证秘密分享方案为基础,提出了适应于这类接入结构的一个安全高效的分布式密钥生成协议.该协议比常见的基于门限接入结构的分布式密钥生成协议具有更广泛的适用性.     

Mutually Trusted Authority-Free Secret Sharing Schemes

Traditional secret sharing schemes involve the use of a mutually trusted authority to assist in the generation and distribution of shares that will allow a secret to be protected among a set of participants. In contrast, this paper addresses the problem of establishing secret sharing schemes for a given access structure without the use of a mutually trusted authority. A general protocol is discussed and several implementations of this protocol are presented. Several efficiency measures are proposed and we consider how to refine the general protocol in order to improve the efficiency with respect to each of the proposed measures. Special attention is given to mutually trusted authority-free threshold schemes. Constructions are presented for such threshold schemes that are shown to be optimal with respect to each of the proposed efficiency measures. Received 13 September 1995 and revised 10 April 1996     

Some improved bounds on the information rate of perfect secret sharing schemes

In this paper we study secret sharing schemes for access structures based on graphs. A secret sharing scheme enables a secret key to be shared among a set of participants by distributing partial information called shares. Suppose we desire that some specified pairs of participants be able to compute the key. This gives rise in a natural way to a graphG which contains these specified pairs as its edges. The secret sharing scheme is calledperfect if a pair of participants corresponding to a nonedge ofG can obtain no information regarding the key. Such a perfect secret sharing scheme can be constructed for any graph. In this paper we study the information rate of these schemes, which measures how much information is being distributed as shares compared with the size of the secret key. We give several constructions for secret sharing schemes that have a higher information rate than previously known schemes. We prove the general result that, for any graphG having maximum degreed, there is a perfect secret sharing scheme realizingG in which the information rate is at least 2/(d+3). This improves the best previous general bound by a factor of almost two. The work of E. F. Brickell was performed at the Sandia National Laboratories and was supported by the U.S. Department of Energy under Contract Number DE-AC04-76DP00789. The research of D. R. Stinson was supported by NSERC Operating Grant A9287 and by the Center for Communication and Information Science, University of Nebraska.