On ASGS framework: general requirements and an example of implementation

In the paper we propose general framework for Automatic Secret Generation and Sharing (ASGS) that should be independent of underlying secret sharing scheme. ASGS allows to prevent the dealer from knowing the secret or even to eliminate him at all. Two situations are discussed. First concerns simultaneous generation and sharing of the random, prior nonexistent secret. Such a secret remains unknown until it is reconstructed. Next, we propose the framework for automatic sharing of a known secret. In this case the dealer does not know the secret and the secret owner does not know the shares. We present opportunities for joining ASGS with other extended capabilities, with special emphasize on PVSS and pre-positioned secret sharing. Finally, we illustrate framework with practical implementation. 1. INTRODUCTION Everybody knows situations, where permission to trigger certain action requires approval of several selected entities. Equally important is that any other set of entities cannot trigger the action. Secret sharing allows to split a secret into different pieces, called shares, which are given to the participants, such that only certain group (authorized set of participants) can recover the secret. To make this requirement realistic, one should avoid situations were some of the protocol parties have dominant position. This reasoning resulted in creation of famework for ASGS. Secret sharing schemes (SSS) were independently invented by George Blakley [2] and Adi Shamir [13]. Many schemes have been presented since, for instance, Asmuth and Bloom [1], Brickell [5], Karin-Greene-Hellman (KGH) [8]. SSS can work in two modes: 1. Split control. In this case the secret itself is important, hence protected by distributing its pieces to different parties. This mode is, for instance, applied to protect proprietary secrets (e.g., Coca-Cola secret formula) or cryptographic keys. 2. Authentication. The content of the secret is secondary to the fact that only participants from the authorized set are able to recover it. This property allows to authenticate/identify parties taking part in the protocol. If they are able to recover the right secret, they are the chosen/right ones. Once secret sharing was introduced, people started to develop extended capabilities. Some of examples are: detection of cheaters and secret consistency verification (e.g. [11], [12], [14]), multi-secret threshold schemes (e.g., [11]), pre-positioned secret sharing schemes (e.g., [11]). The other class of extended capabilities focuses on anonymity, randomness and automatization for secret sharing procedures. Anonymous and random secret sharing was studied by Blundo, Giorgio Gaggia, Stinson in …