一种具有身份锁的门限多秘密共享方案

为了避免现有秘密共享方案中不同秘密的访问控制结构可能相同的问题，提出一种基于身份锁的门限多秘密共享方案，身份锁决定秘密的授权子集，只有授权子集中的用户可以恢复秘密，对不同的秘密存在不同的身份锁。在保持子秘密可重复使用及可检测欺骗行为的前提下，不增加任何参与者的信息交互，有效地解决了不同秘密的访问控制结构难以更改的问题。同时，基于会话密钥协商算法，该方案不需要预设系统存在安全通道来传输秘密份额，因此具有较好的安全性和实用性。该方案非常适用于视频会议、文件分发等基于身份权限访问控制的门限多秘密共享场景。

A threshold multi-secret sharingscheme with identity lock

In order to avoid the disadvantage that different secrets has the same access control structure in the existing secret sharing schemes, a threshold multi-secret sharing scheme based on identity lock is proposed, which determines the authorized subset of the secret. Only the user in the authorized subset can recover the secret. There are different identity locks for different secrets.H3： preset that the system has a secure channel to transmit secret shares,Under the premise of keeping the sub-secrets reusable and detectable for deception, it does not increase the information interaction of any participants, and effectively solves the problem that the access control structure of different secrets is difficult to change. At the same time, based on the session key negotiation algorithm, the scheme does not need to use a secure channel to transmit the secret share in advance, so it has better security and practicability. The scheme is suitable for the scenarios of multi-secret threshold sharing based on identity access control, such as video conference and file distribution.