基于因子分解和离散对数的动态秘密分享方案

该文提出了一个安全性基于离散对数与因子分解的动态秘密分享方案.它具有如下优点:(1)系统更新分享的秘密时,无需更新分享的子秘密,即子秘密可重复使用;(2)当系统增删成员时,无需变更其他成员的子秘密;(3)当某个成员的子秘密泄露时,系统只需为该成员重新分配子秘密而不必更改其他成员的子秘密;(4)防止欺诈;(5)通信量较少,工作效率高.     

适用于任意接入结构的可验证多秘密分享方案

对一般接入结构上的可验证多秘密分享进行了研究，给出了可适用于任意接入结构的一类可验证多秘密分享方案的构造方法。用这种方法构造的可验证多秘密分享方案具有以下性质：可在一组分享者中同时分享多个秘密；分发者发送给每一分享者的秘密份额都是可公开验证的；关于每一秘密的公开信息也是可公开验证的；恢复秘密时可防止分享者提供假的份额。分析表明，用此方法构造的可验证多秘密分享方案不仅是安全的，而且是高效的。     

一个可验证的门限多秘密分享方案

基于离散对数计算和大整数分解的困难性,利用RSA加密体制提出了一个新的门限多秘密分享方案.该方案通过零知识证明等协议来防止秘密分发者和秘密分享者的欺诈行为,因而是一个可验证的门限多秘密分享方案.该方案还具有:秘密影子可重复使用;子秘密影子可离线验证;供分享的秘密不须事先作预计算等特点.该方案可用于会议密钥(秘密)分配、安全多方计算、门限数字签名等应用领域.     

基于极小线性码上的秘密共享方案

从理论上说,每个线性码都可用于构造秘密共享方案,但是在一般情况下,所构造的秘密共享方案的存取结构是难以确定的.本文提出了极小线性码的概念,指出基于这种码的对偶码所构造的秘密共享方案的存取结构是容易确定的.本文首先证明了极小线性码的缩短码一定是极小线性码.然后对几类不可约循环码给出它们为极小线性码的判定条件,并在理论上研究了基于几类不可约循环码的对偶码上的秘密共享方案的存取结构.最后用编程具体求出了一些实例中方案的存取结构.     

可公开验证的动态秘密分享机制

基于背包公钥密码体制,提出了一个公开可验证的动态秘密分享方式.此秘密分享方式中每个分享者的子秘密可以重复使用;特别地,它能在恢复秘密的过程中及时地检查出不诚实者.     

可防止欺诈的动态秘密分享方案

基于有限域上离散对数难解问题提出一个计算安全的动态秘密分享方案 ,本方案有效地解决了密钥的翻新与复用问题 ,其效率高且实用 ,特别是能检测伪子密 ,防止欺诈 ,且数据利用率较高。     

基于单向函数的动态秘密分享机制

本文提出了一种基于单向函数的动态秘密分享机制,它可以无限次地恢复不同的系统秘密,组中任何一个不诚实的成员可以被检查出。成员（除 ｍ １）在恢复秘密时都只要运算一次单向函数ｆ（ｍ １ 需两次）。组中删除或增加一个成员是方便的。     

一个可防止欺诈的秘密分享方案

本文利用认证码构造一种可防止欺诈的秘密分享方案,此方案不仅可防止非法者的假冒,也可阻止子密合法拥有者的欺诈,特别是可防止某些子密合法拥有者形成团伙对另一合法者的欺诈,且数据利用率较高。     

一个基于秘密分享和签密的高效多轮电子拍卖方案

利用一个新的秘密分享方案和签密技术,提出了一个安全、高效的多轮电子拍卖方案。在该方案中,除了中标人外其他投标人的投标价和标书自始至终是保密的;所有投标人都可以验证中标结果。在消息的秘密传送中,使用了签密技术,同时实现了保密和认证,从而大大提高了效率。同时该方案也可用于第二价位拍卖。     

门限多重秘密共享方案

本文提出了一个门限多重秘密共享方案,其安全性依赖于RSA数字签名的安全性,即大数分解的困难性.该方案具有如下特点:参与者的子秘密可反复使用,可用来共享任意多个秘密;能有效预防管理员欺诈及参与者之间的互相欺骗;此外,在验证是否有欺诈行为存在的过程中,不需要执行交互协议.     

双重门限秘密共享方案

基于RSA密码体制、Shamir门限方案和哈希函数的安全性,设计了一种双重门限秘密共享方案。方案中,参与者只需维护一个秘密份额,可实现对多个秘密的共享。秘密份额由参与者确定和保管,秘密分发者也不知晓,秘密共享过程中,只需出示伪秘密份额。方案不需要维护安全信道,算法能够保证信息安全传送,以及验证参与者是否进行了欺骗。     

The Size of a Share Must Be Large

A secret sharing scheme permits a secret to be shared among participants of an n-element group in such a way that only qualified subsets of participants can recover the secret. If any nonqualified subset has absolutely no information on the secret, then the scheme is called perfect. The share in a scheme is the information that a participant must remember. In [3] it was proved that for a certain access structure any perfect secret sharing scheme must give some participant a share which is at least 50\percent larger than the secret size. We prove that for each n there exists an access structure on n participants so that any perfect sharing scheme must give some participant a share which is at least about times the secret size.^1 We also show that the best possible result achievable by the information-theoretic method used here is n times the secret size. ^1 All logarithms in this paper are of base 2. Received 24 November 1993 and revised 15 September 1995     

基于LDPC码的秘密共享方案

信息安全保密已成为当今信息时代的重要研究课题,因此秘密共享方案应运而生.在秘密共享方案中,利用LDPC码的编码实现秘密份额的分发,在LDPC码中,每一个非零码字都是极小码字,将秘密共享方案里的极小授权集与LDPC码的极小码字联系起来,通过极小授权集,实现秘密的重构.由于秘密份额在信道中传输会受到影响,所以恢复出来的秘密存在误码,所以利用一步大数逻辑译码纠错.实验表明,此方案实现了秘密分享,安全性高,又简单可行.     

一个有效的门限多重秘密共享体制

针对Chien-Jan-Tseng体制计算量大以及Yang-Chang-Hwang体制公开信息量大的不足,利用双变量单向函数提出了一个新的(t,n)门限多重秘密共享体制.通过一次秘密共享过程就可以实现对任意个秘密的共享,而参与者秘密份额的长度仅为一个秘密的长度.在秘密重构过程中,每个合作的参与者只需提交一个由秘密份额计算的伪份额,而不会暴露其秘密份额本身.本文体制结合了现有体制的优点并避免了它们的缺点,是一个实用、有效的体制.     

AN EFFICIENT AND SECURE （t, n） THRESHOLD SECRET SHARING SCHEME

Based on Shamir＇s threshold secret sharing scheme and the discrete logarithm problem, a new （t, n） threshold secret sharing scheme is proposed in this paper. In this scheme, each participant＇s secret shadow is selected by the participant himself, and even the secret dealer cannot gain anything about his secret shadow. All the shadows are as short as the shared secret. Each participant can share many secrets with other participants by holding only one shadow. Without extra equations and information designed for verification, each participant is able to check whether another participant provides the true information or not in the recovery phase. Unlike most of the existing schemes, it is unnecessary to maintain a secure channel between each participant and the dealer. Therefore, this scheme is very attractive, especially under the circumstances that there is no secure channel between the dealer and each participant at all. The security of this scheme is based on that of Shamir＇s threshold scheme and the difficulty in solving the discrete logarithm problem. Analyses show that this scheme is a computationally secure and efficient scheme.     

Efficient multi-secret image sharing based on Boolean operations

(n,n) visual secret sharing (VSS), first proposed by Naor and Shamir (1995) [4], is used to encode (encrypt) a secret image into n meaningless share images to be superimposed later to decode (decrypt) the original secret by human visual system after collecting all n secret images. In recent years, VSS-based image sharing (encryption) and image hiding schemes, two of a variety of applications based on VSS, have drawn much attention. In this paper, an efficient (n+1,n+1) multi-secret image sharing scheme based on Boolean-based VSS is proposed to not only keep the secret images confidential but also increase the capacity of sharing multiple secrets. The Boolean-based VSS technology, used to encode the secret images, generates n random matrices; then the n secret images are subsequently encoded into the n+1 meaningless share images. It is worthwhile to note that n secret images can be hidden by means of sharing only n+1 share images in the proposed scheme instead of 2n share images. Thus, the present scheme thus benefits from (1) reducing the demand of image transmission bandwidth, (2) easing the management overhead of meaningless share images, and (3) involving neither significant extra computational cost nor distortion for reconstructed secret images. The experimental results show the performance in terms of feasibility and image sharing capacity. Applied into image hiding schemes, the proposed scheme can enhance the hiding capacity.     

Verifiable special threshold secret sharing scheme based on eigenvalue

Utilizing the characteristic that the characteristic equation of the n-th order matrix have multiple roots,the secret distributor distributes two different sub-keys to each participant,and these two sub-keys satisfy two conditions:linear independent and equality of the corresponding characteristic values.In the process of sub-key distribution and master key recovery,the black box can judge the authenticity of the participants’ activities through the characteristics of the sub-keys.If the two sub-keys have satisfied two conditions of linear independence and equal feature values,it can be determined that the participant’s activity is honest,otherwise,it can be determined that there exists fraudulent activity.The analysis results show that the scheme is correct,secure,and the information rate is 12.     

On the size of shares for secret sharing schemes

A secret sharing scheme permits a secret to be shared among participants in such a way that only qualified subsets of participants can recover the secret, but any nonqualified subset has absolutely no information on the secret. The set of all qualified subsets defines the access structure to the secret. Sharing schemes are useful in the management of cryptographic keys and in multiparty secure protocols.We analyze the relationships among the entropies of the sample spaces from which the shares and the secret are chosen. We show that there are access structures with four participants for which any secret sharing scheme must give to a participant a share at least 50% greater than the secret size. This is the first proof that there exist access structures for which the best achievable information rate (i.e., the ratio between the size of the secret and that of the largest share) is bounded away from 1. The bound is the best possible, as we construct a secret sharing scheme for the above access structures that meets the bound with equality.This work was partially supported by Algoritmi, Modelli di Calcolo e Sistemi Informativi of M.U.R.S.T. and by Progetto Finalizzato Sistemi Informatici e Calcolo Parallelo of C.N.R. under Grant Number 91.00939.PF69.     

一个性能良好的秘密分享机制

基于零知识证明与有限域上计算离散对数的困难性,提出一种新的秘密分享机制,它可检测秘密分享成员的欺诈,解决了秘密更新与子密复用问题,且增删成员较为容易。整个方案构成简单、安全性高、计算量小、故高效且实用。     

GOMSS: A Simple Group Oriented (t,m, n) Multi-secret Sharing Scheme

In most (t,n)-Multi-secret sharing ((t,n)-MSS) schemes, an illegal participant, even without any valid share, may recover secrets when there are over t participants in secret reconstructions. To address this problem, the paper presents the notion of Group ori-ented (t,m,n)-multi-secret sharing (or (t,m,n)-GOMSS), in which recovering each secret requires all m (n ≥ m ≥ t) participants to have valid shares and actually participate in secret reconstruction. As an example, the paper then pro-poses a simple (t,m,n)-GOMSS scheme. In the scheme, every shareholder has only one share; to recover a secret, m shareholders construct a Polynomial-based randomized component (PRC) each with the share to form a tightly coupled group, which forces the secret to be recovered only with all m valid PRCs. As a result, the scheme can thwart the above illegal participant attack. The scheme is simple as well as flexible and does not depend on conventional hard problems or one way functions.