The proposed approach works for any underlying secret sharing scheme. It is based on the concept of verification sets of participants, related to authorized set of participants. The participants interact (no third party involved) in order to check validity of their shares before they are pooled for secret recovery. Verification efficiency does not depend on the number of faulty participants.

In this paper, we investigate how to achieve verifiable secret sharing (VSS) schemes by using the Chinese Remainder Theorem (CRT). We first show that two schemes proposed earlier are not secure from an attack where the dealer is able to distribute inconsistent shares to the users. Then we propose a new VSS scheme based on the CRT and prove its security. Using the proposed VSS scheme, we develop...

Inthispaper,wepropose twosecureverifiablemulti-secret sharingschemes thatarebasedonnon-homogeneous linearrecursionsandelliptic curvesoverZN .Suchschemeshavesimpleconstructionandverificationphases.Moreover thesehavevarious techniques for the reconstruction phase. The security of the proposed schemes is based on the security of the ECRSA cryptosystem and the intractability of the ECDLP. 2007 Else...

We present a stronger notion of veriiable secret sharing and exhibit a protocol implementing it. We show that our new notion is preferable to the old ones whenever veriiable secret sharing is used as a tool within larger protocols, rather than being a goal in itself.

Verifiable secret sharing (VSS) schemes [1–3] rely on the assumption that parties can not reliably fabricate false secret shares which pass the verification process. Here, we show that, for certain VSS implementations that use verification commitments bounded to a finite field, this assumption is incorrect. Let there be n shares of a secret and a threshold of t secret shares required to get the...

In many pairing-based cryptosystems, the secret keys are elements of bilinear groups. For safeguarding such secret keys or decrypting or signing in a threshold manner, Verifiable Secret Sharing (VSS) in bilinear groups is required. In this paper, we show a method of verifiably sharing a random secret in a bilinear group. Our method is simple and practical. It can be regarded as a generalisation...

Assume n participants P 1,P 2, . . . , Pn share the knowledge of a multivariable function F and that they want to publicly compute z =F (x1,x2, . . . , xn ), where xi is a secret input provided by Pi . The difficulty is to simultaneously provide the secrecy of each xi and to guarantee the correctness of the common result z . Such a task has been accomplished in [GMW] under the assumption that t...

We continue our discussion of Verifiable Secret Sharing, giving two instantiations of the general schema from the last lecture. First, using Commit(x) = g: Feldman VSS, which leaks nothing but g and is perfect binding. Second, using Perdersen’s commitment Commit(x; r) = gh: Pedersen VSS. Next, we turn to the problem of adaptive security. We describe an adaptively secure Feldman VSS using trapdo...

Protocols are given for allowing a “prover” to convince a “verifier” that the prover knows some verifiable secret information, without allowing the verifier to learn anything about the secret. The secret can be probabilistically or deterministically verifiable, and only one of the prover or the verifier need have constrained resources. This paper unifies and extends models and techniques previo...

We present a new protocol to perform non-interactive verifiable secret redistribution (VSR) for secrets distributed with Shamir’s secret sharing scheme. We base our VSR protocol on Desmedt and Jajodia’s redistribution protocol for linear secret sharing schemes, which we specialize for Shamir’s scheme. We extend their redistribution protocol with Feldman’s non-interactive verifiable secret shari...