Fourier-based Function Secret Sharing with General Access Structure

Function secret sharing (FSS) scheme is a mechanism that calculates a function f(x) for x in {0,1}^n which is shared among p parties, by using distributed functions f_i:{0,1}^n -> G, where G is an Abelian group, while the function f:{0,1}^n -> G is kept secret to the parties. Ohsawa et al. in 2017 observed that any function f can be described as a linear combination of the basis functions by regarding the function space as a vector space of dimension 2^n and gave new FSS schemes based on the Fourier basis. All existing FSS schemes are of (p,p)-threshold type. That is, to compute f(x), we have to collect f_i(x) for all the distributed functions. In this paper, as in the secret sharing schemes, we consider FSS schemes with any general access structure. To do this, we observe that Fourier-based FSS schemes by Ohsawa et al. are compatible with linear secret sharing scheme. By incorporating the techniques of linear secret sharing with any general access structure into the Fourier-based FSS schemes, we show Fourier-based FSS schemes with any general access structure.Comment: 12 page

Каскадна схема фейстеля та її стійкість до диференціального та лінійного криптоаналізу

Запропоновано та проаналізовано нову конструкцію блочних шифрів – каскадну схему Фейстеля, виведені оцінки її стійкості до диференціального та лінійного криптоаналізу.New construction of block ciphers’ design, a cascade Feistel network, is proposed and analysed, its resistance to differential and linear cryptanalysis is evaluated

Оцінки ймовірностей узагальнених лінійних апроксимацій раундової функції ГОСТ-подібного блокового шифру

Отримані аналітичні верхні межі ймовірностей узагальнених лінійних апроксимацій раундової функції ГОСТ-подібного блокового шифру, які залежать від певних числових параметрів його вузлів заміни. Отримані результати складають основу подальших досліджень в галузі аналізу та обґрунтування стійкості ГОСТ-подібних блокових шифрів відносно методу узагальненого лінійного криптоаналізу.Analytical upper bounds of generalized linear approximations probabilities of the round function of a GOST-like block cipher are obtained. These bounds depends on some numerical parameters of S-boxes of the given block cipher. Obtained results form the basis for next research in area of analysis and security proving of GOST-like block ciphers against generalized linear cryptanalysis techniques

Оптимальные протоколы множественного разделения секрета с многоадресным сообщением, основанные на линейных преобразованиях над кольцами вычетов

Отримані достатні умови оптимальності (за критерієм максимуму інформаційних відношень) протоколів множинного розподілу секрету з багатоадресним повідомленням, що реалізують певні ієрархії доступу. Наведено низку конструкцій зазначених протоколів, які задовольняють отриманим умовам оптимальності.The sufficient conditions of optimality (i. e. of information rates maximality) of multi-secret sharing schemes with broadcast message for certain access hierarchies are obtained. Some constructions of such schemes satisfied the described conditions are presented

Алгоритм формирования матриц над примарным кольцом вычетов для построения протоколов множественного разделения секрета, реализующих заданную иерархию доступа

Perfect linear multi-secret sharing schemes over primary residue ring construction algorithm is proposed. Early known secret sharing schemes over finite field construction method is generalized by proposed algorithm. This algorithm has calculation complexity, which less compare with trivial algorithm.Предложен алгоритм формирования матриц над примарным кольцом вычетов, предназначенных для построения линейных совершенных протоколов множественного разделения секрета для заданной иерархии доступа. Указанный алгоритм обобщает известный ранее алгоритм формирования матриц над конечным полем для синтеза линейных протоколов разделения одного секрета и имеет меньшую временную сложность по сравнению с тривиальным алгоритмом

Совершенная схема множественного разделения секрета над кольцом вычетов по модулю m

Предложена конструкция совершенной схемы множественного разделения секрета, основанная на линейных преобразованиях над кольцом вычетов целых чисел. Установлены необходимые и достаточные условия существования рассматриваемой схемы и описан алгоритм ее построения для произвольной заранее определенной иерархии доступа. Полученные результаты обобщают известные ранее утверждения о свойствах линейных схем разделения секрета над конечными полями, векторными пространствами и кольцами Галуа.A construction of a perfect multi-secret sharing scheme, which is based on linear transformations over a residue integer ring, is proposed. The necessary and sufficient conditions of the existence of this scheme are established and its construction algorithm for any given access hierarchy are described. The obtained results generalize the known statements about properties of linear secret sharing schemes over finite fields, vector spaces and Galois rings

Secret Sharing and Network Coding

In this thesis, we consider secret sharing schemes and network coding. Both of these fields are vital in today\u27s age as secret sharing schemes are currently being implemented by government agencies and private companies, and as network coding is continuously being used for IP networks. We begin with a brief overview of linear codes. Next, we examine van Dijk\u27s approach to realize an access structure using a linear secret sharing scheme; then we focus on a much simpler approach by Tang, Gao, and Chen. We show how this method can be used to find an optimal linear secret sharing scheme for an access structure with six participants. In the last chapter, we examine network coding and point out some similarities between secret sharing schemes and network coding. We present results from a paper by Silva and Kschischang; in particular, we present the concept of universal security and their coset coding scheme to achieve universal security

Lower Bounds for Secret-Sharing Schemes for k-Hypergraphs

A secret-sharing scheme enables a dealer, holding a secret string, to distribute shares to parties such that only pre-defined authorized subsets of parties can reconstruct the secret. The collection of authorized sets is called an access structure. There is a huge gap between the best known upper bounds on the share size of a secret-sharing scheme realizing an arbitrary access structure and the best known lower bounds on the size of these shares. For an arbitrary $n$-party access structure, the best known upper bound on the share size is $2^{O(n)}$. On the other hand, the best known lower bound on the total share size is much smaller, i.e., $\Omega(n^2/\log (n))$ [Csirmaz, \emph{Studia Sci. Math. Hungar.}]. This lower bound was proved more than 25 years ago and no major progress has been made since. In this paper, we study secret-sharing schemes for $k$-hypergraphs, i.e., for access structures where all minimal authorized sets are of size exactly $k$ (however, unauthorized sets can be larger). We consider the case where $k$ is small, i.e., constant or at most $\log (n)$. The trivial upper bound for these access structures is $O(n\cdot \binom{n-1}{k-1})$ and this can be slightly improved. If there were efficient secret-sharing schemes for such $k$-hypergraphs (e.g., $2$-hypergraphs or $3$-hypergraphs), then we would be able to construct secret-sharing schemes for arbitrary access structures that are better than the best known schemes. Thus, understanding the share size required for $k$-hypergraphs is important. Prior to our work, the best known lower bound for these access structures was $\Omega(n \log (n))$, which holds already for graphs (i.e., $2$-hypergraphs). We improve this lower bound, proving a lower bound of $\Omega(n^{2-1/(k-1)}/k)$ on the total share size for some explicit $k$-hypergraphs, where $3 \leq k \leq \log (n)$. For example, for $3$-hypergraphs we prove a lower bound of $\Omega(n^{3/2})$. For $\log (n)$-hypergraphs, we prove a lower bound of $\Omega(n^{2}/\log (n))$, i.e., we show that the lower bound of Csirmaz holds already when all minimal authorized sets are of size $\log (n)$. Our proof is simple and shows that the lower bound of Csirmaz holds for a simple variant of the access structure considered by Csirmaz. Using our results, we prove a near quadratic separation between the required share size for realizing an explicit access structure and the monotone circuit size describing the access structure,i.e., the share size in $\Omega(n^2/\log(n))$ and the monotone circuit size is $O(n\log(n))$ (where the circuit has depth $3$)

Tunable Security for Deployable Data Outsourcing

Security mechanisms like encryption negatively affect other software quality characteristics like efficiency. To cope with such trade-offs, it is preferable to build approaches that allow to tune the trade-offs after the implementation and design phase. This book introduces a methodology that can be used to build such tunable approaches. The book shows how the proposed methodology can be applied in the domains of database outsourcing, identity management, and credential management