15,054 research outputs found
Communication Efficient Secret Sharing
A secret sharing scheme is a method to store information securely and
reliably. Particularly, in a threshold secret sharing scheme, a secret is
encoded into shares, such that any set of at least shares suffice to
decode the secret, and any set of at most shares reveal no
information about the secret. Assuming that each party holds a share and a user
wishes to decode the secret by receiving information from a set of parties; the
question we study is how to minimize the amount of communication between the
user and the parties. We show that the necessary amount of communication,
termed "decoding bandwidth", decreases as the number of parties that
participate in decoding increases. We prove a tight lower bound on the decoding
bandwidth, and construct secret sharing schemes achieving the bound.
Particularly, we design a scheme that achieves the optimal decoding bandwidth
when parties participate in decoding, universally for all . The scheme is based on Shamir's secret sharing scheme and preserves its
simplicity and efficiency. In addition, we consider secure distributed storage
where the proposed communication efficient secret sharing schemes further
improve disk access complexity during decoding.Comment: submitted to the IEEE Transactions on Information Theory. New
references and a new construction adde
Security in Locally Repairable Storage
In this paper we extend the notion of {\em locally repairable} codes to {\em
secret sharing} schemes. The main problem that we consider is to find optimal
ways to distribute shares of a secret among a set of storage-nodes
(participants) such that the content of each node (share) can be recovered by
using contents of only few other nodes, and at the same time the secret can be
reconstructed by only some allowable subsets of nodes. As a special case, an
eavesdropper observing some set of specific nodes (such as less than certain
number of nodes) does not get any information. In other words, we propose to
study a locally repairable distributed storage system that is secure against a
{\em passive eavesdropper} that can observe some subsets of nodes.
We provide a number of results related to such systems including upper-bounds
and achievability results on the number of bits that can be securely stored
with these constraints.Comment: This paper has been accepted for publication in IEEE Transactions of
Information Theor
On the Duality of Probing and Fault Attacks
In this work we investigate the problem of simultaneous privacy and integrity
protection in cryptographic circuits. We consider a white-box scenario with a
powerful, yet limited attacker. A concise metric for the level of probing and
fault security is introduced, which is directly related to the capabilities of
a realistic attacker. In order to investigate the interrelation of probing and
fault security we introduce a common mathematical framework based on the
formalism of information and coding theory. The framework unifies the known
linear masking schemes. We proof a central theorem about the properties of
linear codes which leads to optimal secret sharing schemes. These schemes
provide the lower bound for the number of masks needed to counteract an
attacker with a given strength. The new formalism reveals an intriguing duality
principle between the problems of probing and fault security, and provides a
unified view on privacy and integrity protection using error detecting codes.
Finally, we introduce a new class of linear tamper-resistant codes. These are
eligible to preserve security against an attacker mounting simultaneous probing
and fault attacks
- β¦