Efficient Threshold Secret Sharing Schemes Secure Against Rushing Cheaters

نویسندگان

Avishek Adhikari

Kirill Morozov

Satoshi Obana

Partha Sarathi Roy

Kouichi Sakurai

Rui Xu

چکیده

In this paper, we consider three very important issues namely detection, identification and robustness of k-out-of-n secret sharing schemes against rushing cheaters who are allowed to submit (possibly forged) shares after observing shares of the honest users in the reconstruction phase. Towards this we present five different schemes. Among these, first we present two k-out-of-n secret sharing schemes, the first one being capable of detecting (k− 1)/3 cheaters such that |Vi| = |S|/ 3 and the second one being capable of detecting n − 1 cheaters such that |Vi| = |S|/ , where S denotes the set of all possible secrets, denotes the successful cheating probability of cheaters and Vi denotes set all possible shares. Next we present two k-out-of-n secret sharing schemes, the first one being capable of identifying (k − 1)/3 rushing cheaters with share size |Vi| that satisfies |Vi| = |S|/ . This is the first scheme whose size of shares does not grow linearly with n but only with k, where n is the number of participants. For the second one, in the setting of public cheater identification, we present an efficient optimal cheater resilient k-out-of-n secret sharing scheme against rushing cheaters having the share size |Vi| = (n − t)|S|/ . The proposed scheme achieves flexibility in the sense that the security level (i.e. the cheater(s) success probability) is independent of the secret size. Finally, we design an efficient (k, δ) robust secret sharing secure against rushing adversary with optimal cheater resiliency. Each of the five proposed schemes has the smallest share size having the mentioned properties among the existing schemes in the respective fields.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Cheater Identifiable Secret Sharing Schemes via Multi-Receiver Authentication

We introduce two publicly cheater identifiable secret sharing (CISS) schemes with efficient reconstruction, tolerating t < k/2 cheaters. Our constructions are based on (k, n) threshold Shamir scheme, and they feature a novel application of multi-receiver authentication codes to ensure integrity of shares. The first scheme, which tolerates rushing cheaters, has the share size |S|(n−t)/ n+t+2 in ...

متن کامل

On Cheater Identifiable Secret Sharing Schemes Secure against Rushing Adversary

At EUROCRYPT 2011, Obana proposed a k-out-of-n secret sharing scheme capable of identifying up to t cheaters with probability 1 − under the condition t < k/3. In that scheme, the share size |Vi| satisfies |Vi| = |S|/ , which is almost optimal. However, Obana’s scheme is known to be vulnerable to attacks by rushing adversary who can observe the messages sent by the honest participants prior to d...

متن کامل

Computationally secure multiple secret sharing: models, schemes, and formal security analysis

A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. in such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secur...

متن کامل

Universal Construction of Cheater-Identifiable Secret Sharing Against Rushing Cheaters without Honest Majority

For conventional secret sharing, if cheaters can submit possibly forged shares after observing shares of the honest users in the reconstruction phase, they can disturb the protocol and reconstruct the true secret. To overcome the problem, secret sharing scheme with properties of cheater-identification have been proposed. Existing protocols for cheater-identifiable secret sharing assumed non-rus...

متن کامل