一种主动秘密共享算法

在电子商务和开放网络中，有一类高度机密且长期有效的密钥需要保护．直接使用传统密码学甚至门限密码学提供的方法都不能很好地保证其安全性．而主动秘密共享方案则能较好地解决这类问题．它是在(t 1，n)-门限密码学密钥共享的基础上，通过周期性地刷新影子的值(但不改变共享的密钥)并清除原来的影子值，使得攻击者在一个周期中获得的信息在刷新之后变得毫无用处．所以，攻击者要想窃取一个系统的密钥，必须在同一个周期内攻破t个以上的服务器才可能成功．因此，合理设置门限参数和时间周期的长短就可以保证密钥的长期安全性．迄今为止，只有一个有缺陷的主动秘密共享算法．在此给出一个针对离散对数密钥的主动共享算法，并完整地证明了其安全性和鲁棒性．

A Proactive Secret Sharing Algorithm

In the areas of electronic commerce and secure communications over open networks, there are some long lived and highly sensitive information which needs to be protected It's insufficient just to apply the classic cryptography, as well as threshold cryptosystems Only proactive secret sharing can properly protect it Proactive secret sharing is a non trivial extension of (t+1,n) threshold cryptosystems, where shares are periodically renewed (without changing the secret) in such a way that information gained by the adversary in one time period is useless for attacking the secret after the shares are renewed Hence, the adversary willing to learn the secret needs to break to all t+1 share holders during the same time period If the time period and the threshold k are selected properly, proactive secret sharing can maintain the overall security of the information There is only one proactive secret sharing algorithm with serious problems An efficient proactive secret sharing algorithm for DLog based secret is proposed and a complete proof of correctness, security and robustness is presented