Ideal secret sharing schemes with multiple secrets

We consider secret sharing schemes which, through an initial issuing of shares to a group of participants, permit a number of different secrets to be protected. Each secret is associated with a (potentially different) access structure and a particular secret can be reconstructed by any group of participants from its associated access structure without the need for further broadcast information. We consider ideal secret sharing schemes in this more general environment. In particular, we classify the collections of access structures that can be combined in such an ideal secret sharing scheme and we provide a general method of construction for such schemes. We also explore the extent to which the results that connect ideal secret sharing schemes to matroids can be appropriately generalized.The work of the second and third authors was supported by the Australian Research Council.     

理想同态密钥共享体制的判别算法

对于m阶循环群G和给定的存取结构 A,利用适合A 的拟阵在环Z_m上的良好表示,给出了 A 为G-理想同态的判别算法.     

Mutually Trusted Authority-Free Secret Sharing Schemes

Traditional secret sharing schemes involve the use of a mutually trusted authority to assist in the generation and distribution of shares that will allow a secret to be protected among a set of participants. In contrast, this paper addresses the problem of establishing secret sharing schemes for a given access structure without the use of a mutually trusted authority. A general protocol is discussed and several implementations of this protocol are presented. Several efficiency measures are proposed and we consider how to refine the general protocol in order to improve the efficiency with respect to each of the proposed measures. Special attention is given to mutually trusted authority-free threshold schemes. Constructions are presented for such threshold schemes that are shown to be optimal with respect to each of the proposed efficiency measures. Received 13 September 1995 and revised 10 April 1996     

On the size of shares for secret sharing schemes

A secret sharing scheme permits a secret to be shared among participants in such a way that only qualified subsets of participants can recover the secret, but any nonqualified subset has absolutely no information on the secret. The set of all qualified subsets defines the access structure to the secret. Sharing schemes are useful in the management of cryptographic keys and in multiparty secure protocols.We analyze the relationships among the entropies of the sample spaces from which the shares and the secret are chosen. We show that there are access structures with four participants for which any secret sharing scheme must give to a participant a share at least 50% greater than the secret size. This is the first proof that there exist access structures for which the best achievable information rate (i.e., the ratio between the size of the secret and that of the largest share) is bounded away from 1. The bound is the best possible, as we construct a secret sharing scheme for the above access structures that meets the bound with equality.This work was partially supported by Algoritmi, Modelli di Calcolo e Sistemi Informativi of M.U.R.S.T. and by Progetto Finalizzato Sistemi Informatici e Calcolo Parallelo of C.N.R. under Grant Number 91.00939.PF69.     

基于网络流上的秘密共享体制

给定一个通道结构,使它的极小通道结构对应于一个网络的极小割集族,那么存在一个实现它的理想秘密共享体制。而每一个密钥的子密钥正好构成该网络的一个流,反之亦然。给出的实现这些体制的方法极其有效。     

利用反转实现理想对比度的密图分存

可视秘密共享的一个主要不足是重构后图像的对比度损失严重.提出了利用反转实现理想对比度的密图分存方案.编码轮数为m/h(上取整) (m和h分别是白像素加密所用基阵全部列和全白列的数量),采取像素块编码方式,每步都将m个连续相同的像素进行一次性加密编码,不产生像素扩展.对方案的正确性和安全性进行了证明,并与类似方案进行了对比分析和实验.该方案编码效率较高,系统容量较小.     

一类抗欺骗攻击的秘密共享体制的构造

对于一般的理想通道结构,给出了构作抗欺骗攻击体制的一类方法。此方法不仅可以构造单密共享体制,而且可用于构造多密共享体制,并且在所要求的安全系数下,信息率可达到最优。     

基于极小线性码上的秘密共享方案

从理论上说,每个线性码都可用于构造秘密共享方案,但是在一般情况下,所构造的秘密共享方案的存取结构是难以确定的.本文提出了极小线性码的概念,指出基于这种码的对偶码所构造的秘密共享方案的存取结构是容易确定的.本文首先证明了极小线性码的缩短码一定是极小线性码.然后对几类不可约循环码给出它们为极小线性码的判定条件,并在理论上研究了基于几类不可约循环码的对偶码上的秘密共享方案的存取结构.最后用编程具体求出了一些实例中方案的存取结构.     

完备秘密共享方案的信息率

讨论了一类以图为访问结构的秘密共享方案的最优信息率和最优平均信息率．     

理想的多密门限体制的拟阵结构

门限体制是秘密共享体制中最基本的一类,其特点是简洁而实用．本文讨论了门限体制的拟阵结构,得到理想的多密门限体制存在的条件．     

一类不可表示的多部秘密共享拟阵

 一直以来,理想的存取结构具有的特性是秘密共享领域中主要的开放性问题之一,并且该问题与拟阵论有着密切的联系.多部存取结构是指将参与者集合划分为多个部分,使得同一部分中的参与者在存取结构中扮演等价的角色,由于每个存取结构都可以看作是多部的,于是多部存取结构的特性被广泛地研究.在EUROCRYPT’07上,Farras等人研究了秘密共享方案中理想多部存取结构的特性.他们的工作具有令人振奋的结果：通过研究多部拟阵和离散多拟阵之间的关系,他们得到了多部存取结构为理想存取结构的一个必要条件和一个充分条件,并且证明了一个多部拟阵是可表示的当且仅当其对应的离散多拟阵是可表示的.在文中,他们给出了一个开放性问题：可表示的离散多拟阵具有的特性,即哪些离散多拟阵是可表示的,哪些是不可表示的.本文给出并证明了一类不可表示的离散多拟阵,即给出了一个离散多拟阵为不可表示的离散多拟阵的一个充分条件.我们将这一结论应用于Vamos拟阵,于是得到了一族不可表示的多部拟阵,同时我们利用向量的线性相关和线性无关性对Vamos拟阵的不可表示性给出了新的证明.     

基于单向函数的动态秘密分享机制

本文提出了一种基于单向函数的动态秘密分享机制,它可以无限次地恢复不同的系统秘密,组中任何一个不诚实的成员可以被检查出。成员（除 ｍ １）在恢复秘密时都只要运算一次单向函数ｆ（ｍ １ 需两次）。组中删除或增加一个成员是方便的。     

The Size of a Share Must Be Large

A secret sharing scheme permits a secret to be shared among participants of an n-element group in such a way that only qualified subsets of participants can recover the secret. If any nonqualified subset has absolutely no information on the secret, then the scheme is called perfect. The share in a scheme is the information that a participant must remember. In [3] it was proved that for a certain access structure any perfect secret sharing scheme must give some participant a share which is at least 50\percent larger than the secret size. We prove that for each n there exists an access structure on n participants so that any perfect sharing scheme must give some participant a share which is at least about times the secret size.^1 We also show that the best possible result achievable by the information-theoretic method used here is n times the secret size. ^1 All logarithms in this paper are of base 2. Received 24 November 1993 and revised 15 September 1995     

一个建立在整数环上的秘密共享方案

自A.Shamir和G.R.Blakley于1979年各自独立地提出“秘密共享”的思想及方法以后,现已出现了多种秘密共享方案。这些方案可适应不同的环境要求,然而,这些方案都是在域上建立的,当所面临问题的背景结构不构成域时会遇到麻烦。本文提出了一种新的秘密共享方案,该方案直接在整数环Z上实现,不需要对环Z作任何扩张,因而具有较高的有效性。其安全性基于Hash函数的安全性和大整数分解的难解性。     

门限多重秘密共享方案

本文提出了一个门限多重秘密共享方案,其安全性依赖于RSA数字签名的安全性,即大数分解的困难性.该方案具有如下特点:参与者的子秘密可反复使用,可用来共享任意多个秘密;能有效预防管理员欺诈及参与者之间的互相欺骗;此外,在验证是否有欺诈行为存在的过程中,不需要执行交互协议.     

具有传递性质的接入结构上的秘密分享方案的构造

引入了具有传递性质的接入结构的概念,并给出一种构造具有这类接入结构的秘密分享方案的通用方法,该方法简捷易行.对要分享的一个秘密,不管一个参与者属于多少个最小合格子集,他只需保存一个秘密份额.而且用于分享多个秘密时,不需要增加分享者额外的信息保存量.因而优于已有的其他许多方法.文中还给出了实例以说明如何具体地构造具有这类接入结构的秘密分享方案.     

基于线性码的可验证秘密分享方案

论文基于线性码提出了一个非交互的可验证秘密分享方案,利用线性码的一致校验矩阵来验证每一个秘密分享者从秘密分配者Dealer处所获得子秘密的合法性,各子秘密拥有者独立验证,无须合作。     

一种改进的图像秘密共享方案

秘密共享是一种将秘密信息的片段共享给多个合法参与者的保密技术,可以有效预防对秘密信息的破译、截取、恶意破坏。图像秘密共享是近年来一个具有实用价值研究分支,目前已经衍生出很多种共享算法。L.Bai的投影矩阵方案是一种面向图像秘密共享的方案,可对该方案进行改进,对残差矩阵进行保护,可以避免残差矩阵因通信丢失而导致图像无法重构的问题,提高了该方案的安全性和可用性。     

Strongly ideal secret sharing schemes

We define strongly ideal secret sharing schemes to be ideal secret sharing schemes in which certain natural requirements are placed on the decoder. We prove an information-theoretic characterization of perfect schemes, and use it to determine which access structures can be encoded by strongly ideal schemes. We also discuss a hierarchy of secret sharing schemes that are more powerful than strongly ideal schemes.     

可验证秘密分享及其应用

可验证秘密分享(VSS)是设计安全的密码协议的一个基本工具,自从其概念于1985年被提出后,受到了密码学和信息安全界的普遍关注,到现在为止已经取得了大量的研究成果.本文全面总结和评述了该领域已经取得的重要成果,并探讨了该领域研究的发展趋势,指出了几个值得重视的研究方向.