Verifiable secret sharing schemes proposed so far can only allow participants to verify whether their shares are correct or not. In this paper, we propose a new protocol which can allow participants not only to verify the correctness of their shares but also to revise the faulty shares. It is achieved in a cooperative way by participants, but without any assistance from the dealer. This protoco...

The constrained resources of sensors restrict the design of a key management scheme for wireless sensor networks (WSNs). In this work, we first formalize the security model of ALwEN, which is a gossipbased wireless medical sensor network (WMSN) for ambient assisted living. Our security model considers the node capture, the gossip-based network and the revocation problems, which should be valuab...

A secret sharing scheme permits a secret to be shared among participants in such a way that only qualiied subsets of participants can recover the secret, but any non-qualiied subset has absolutely no information on the secret. In this paper we consider the problem of designing eecient secret sharing schemes having the additional feature that qualiied minorities can forbid any other set of parti...

We consider perfect verifiable secret sharing (VSS) in a synchronous network of n processors (players) where a designated player called the dealer wishes to distribute a secret s among the players in a way that no t of them obtain any information, but any t + 1 players obtain full information about the secret. The round complexity of a VSS protocol is defined as the number of rounds performed i...

Verifiable secret sharing (VSS) schemes [1–3] rely on the assumption that parties can not reliably fabricate false secret shares which pass the verification process. Here, we show that, for certain VSS implementations that use verification commitments bounded to a finite field, this assumption is incorrect. Let there be n shares of a secret and a threshold of t secret shares required to get the...

In many pairing-based cryptosystems, the secret keys are elements of bilinear groups. For safeguarding such secret keys or decrypting or signing in a threshold manner, Verifiable Secret Sharing (VSS) in bilinear groups is required. In this paper, we show a method of verifiably sharing a random secret in a bilinear group. Our method is simple and practical. It can be regarded as a generalisation...

In Shamir’s ( ) t n , threshold of the secret sharing scheme, a secret s is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or more than t shares; and (b) the secret cannot be obtained when there are fewer than t shares. In the secret reconstruction, participating users can be either legitimate sharehol...

Assume n participants P 1,P 2, . . . , Pn share the knowledge of a multivariable function F and that they want to publicly compute z =F (x1,x2, . . . , xn ), where xi is a secret input provided by Pi . The difficulty is to simultaneously provide the secrecy of each xi and to guarantee the correctness of the common result z . Such a task has been accomplished in [GMW] under the assumption that t...

We continue our discussion of Verifiable Secret Sharing, giving two instantiations of the general schema from the last lecture. First, using Commit(x) = g: Feldman VSS, which leaks nothing but g and is perfect binding. Second, using Perdersen’s commitment Commit(x; r) = gh: Pedersen VSS. Next, we turn to the problem of adaptive security. We describe an adaptively secure Feldman VSS using trapdo...

The proposed approach works for any underlying secret sharing scheme. It is based on the concept of verification sets of participants, related to authorized set of participants. The participants interact (no third party involved) in order to check validity of their shares before they are pooled for secret recovery. Verification efficiency does not depend on the number of faulty participants.