Optimal non-perfect uniform secret sharing schemes

A secret sharing scheme is non-perfect if some subsets of participants that cannot recover the secret value have partial information about it. The information ratio of a secret sharing scheme is the ratio between the maximum length of the shares and the length of the secret. This work is dedicated to the search of bounds on the information ratio of non-perfect secret sharing schemes. To this end, we extend the known connections between polymatroids and perfect secret sharing schemes to the non-perfect case. In order to study non-perfect secret sharing schemes in all generality, we describe their structure through their access function, a real function that measures the amount of information that every subset of participants obtains about the secret value. We prove that there exists a secret sharing scheme for every access function. Uniform access functions, that is, the ones whose values depend only on the number of participants, generalize the threshold access structures. Our main result is to determine the optimal information ratio of the uniform access functions. Moreover, we present a construction of linear secret sharing schemes with optimal information ratio for the rational uniform access functions.Peer ReviewedPostprint (author's final draft

On the information ratio of non-perfect secret sharing schemes

The final publication is available at Springer via http://dx.doi.org/10.1007/s00453-016-0217-9A secret sharing scheme is non-perfect if some subsets of players that cannot recover the secret value have partial information about it. The information ratio of a secret sharing scheme is the ratio between the maximum length of the shares and the length of the secret. This work is dedicated to the search of bounds on the information ratio of non-perfect secret sharing schemes and the construction of efficient linear non-perfect secret sharing schemes. To this end, we extend the known connections between matroids, polymatroids and perfect secret sharing schemes to the non-perfect case. In order to study non-perfect secret sharing schemes in all generality, we describe their structure through their access function, a real function that measures the amount of information on the secret value that is obtained by each subset of players. We prove that there exists a secret sharing scheme for every access function. Uniform access functions, that is, access functions whose values depend only on the number of players, generalize the threshold access structures. The optimal information ratio of the uniform access functions with rational values has been determined by Yoshida, Fujiwara and Fossorier. By using the tools that are described in our work, we provide a much simpler proof of that result and we extend it to access functions with real values.Peer ReviewedPostprint (author's final draft

On the Information Ratio of Non-Perfect Secret Sharing Schemes

A secret sharing scheme is non-perfect if some subsets of players that cannot recover the secret value have partial information about it. The information ratio of a secret sharing scheme is the ratio between the maximum length of the shares and the length of the secret. This work is dedicated to the search of bounds on the information ratio of non-perfect secret sharing schemes and the construction of efficient linear non-perfect secret sharing schemes. To this end, we extend the known connections between matroids, polymatroids and perfect secret sharing schemes to the non-perfect case. In order to study non-perfect secret sharing schemes in all generality, we describe their structure through their access function, a real function that measures the amount of information on the secret value that is obtained by each subset of players. We prove that there exists a secret sharing scheme for every access function. Uniform access functions, that is, access functions whose values depend only on the number of players, generalize the threshold access structures. The optimal information ratio of the uniform access functions with rational values has been determined by Yoshida, Fujiwara and Fossorier. By using the tools that are described in our work, we provide a much simpler proof of that result and we extend it to access functions with real values

Совершенная схема множественного разделения секрета над кольцом вычетов по модулю m

Предложена конструкция совершенной схемы множественного разделения секрета, основанная на линейных преобразованиях над кольцом вычетов целых чисел. Установлены необходимые и достаточные условия существования рассматриваемой схемы и описан алгоритм ее построения для произвольной заранее определенной иерархии доступа. Полученные результаты обобщают известные ранее утверждения о свойствах линейных схем разделения секрета над конечными полями, векторными пространствами и кольцами Галуа.A construction of a perfect multi-secret sharing scheme, which is based on linear transformations over a residue integer ring, is proposed. The necessary and sufficient conditions of the existence of this scheme are established and its construction algorithm for any given access hierarchy are described. The obtained results generalize the known statements about properties of linear secret sharing schemes over finite fields, vector spaces and Galois rings

Security in Locally Repairable Storage

In this paper we extend the notion of {\em locally repairable} codes to {\em secret sharing} schemes. The main problem that we consider is to find optimal ways to distribute shares of a secret among a set of storage-nodes (participants) such that the content of each node (share) can be recovered by using contents of only few other nodes, and at the same time the secret can be reconstructed by only some allowable subsets of nodes. As a special case, an eavesdropper observing some set of specific nodes (such as less than certain number of nodes) does not get any information. In other words, we propose to study a locally repairable distributed storage system that is secure against a {\em passive eavesdropper} that can observe some subsets of nodes. We provide a number of results related to such systems including upper-bounds and achievability results on the number of bits that can be securely stored with these constraints.Comment: This paper has been accepted for publication in IEEE Transactions of Information Theor

Probabilistic Infinite Secret Sharing

The study of probabilistic secret sharing schemes using arbitrary probability spaces and possibly infinite number of participants lets us investigate abstract properties of such schemes. It highlights important properties, explains why certain definitions work better than others, connects this topic to other branches of mathematics, and might yield new design paradigms. A probabilistic secret sharing scheme is a joint probability distribution of the shares and the secret together with a collection of secret recovery functions for qualified subsets. The scheme is measurable if the recovery functions are measurable. Depending on how much information an unqualified subset might have, we define four scheme types: perfect, almost perfect, ramp, and almost ramp. Our main results characterize the access structures which can be realized by schemes of these types. We show that every access structure can be realized by a non-measurable perfect probabilistic scheme. The construction is based on a paradoxical pair of independent random variables which determine each other. For measurable schemes we have the following complete characterization. An access structure can be realized by a (measurable) perfect, or almost perfect scheme if and only if the access structure, as a subset of the Sierpi\'nski space $\{0,1\}^P$, is open, if and only if it can be realized by a span program. The access structure can be realized by a (measurable) ramp or almost ramp scheme if and only if the access structure is a $G_\delta$ set (intersection of countably many open sets) in the Sierpi\'nski topology, if and only if it can be realized by a Hilbert-space program

Communication Efficient Secret Sharing

A secret sharing scheme is a method to store information securely and reliably. Particularly, in a threshold secret sharing scheme, a secret is encoded into $n$ shares, such that any set of at least $t_1$ shares suffice to decode the secret, and any set of at most $t_2 < t_1$ shares reveal no information about the secret. Assuming that each party holds a share and a user wishes to decode the secret by receiving information from a set of parties; the question we study is how to minimize the amount of communication between the user and the parties. We show that the necessary amount of communication, termed "decoding bandwidth", decreases as the number of parties that participate in decoding increases. We prove a tight lower bound on the decoding bandwidth, and construct secret sharing schemes achieving the bound. Particularly, we design a scheme that achieves the optimal decoding bandwidth when $d$ parties participate in decoding, universally for all $t_1 \le d \le n$. The scheme is based on Shamir's secret sharing scheme and preserves its simplicity and efficiency. In addition, we consider secure distributed storage where the proposed communication efficient secret sharing schemes further improve disk access complexity during decoding.Comment: submitted to the IEEE Transactions on Information Theory. New references and a new construction adde

An Epitome of Multi Secret Sharing Schemes for General Access Structure

Secret sharing schemes are widely used now a days in various applications, which need more security, trust and reliability. In secret sharing scheme, the secret is divided among the participants and only authorized set of participants can recover the secret by combining their shares. The authorized set of participants are called access structure of the scheme. In Multi-Secret Sharing Scheme (MSSS), k different secrets are distributed among the participants, each one according to an access structure. Multi-secret sharing schemes have been studied extensively by the cryptographic community. Number of schemes are proposed for the threshold multi-secret sharing and multi-secret sharing according to generalized access structure with various features. In this survey we explore the important constructions of multi-secret sharing for the generalized access structure with their merits and demerits. The features like whether shares can be reused, participants can be enrolled or dis-enrolled efficiently, whether shares have to modified in the renewal phase etc., are considered for the evaluation