An Epitome of Multi Secret Sharing Schemes for General Access Structure

Secret sharing schemes are widely used now a days in various applications, which need more security, trust and reliability. In secret sharing scheme, the secret is divided among the participants and only authorized set of participants can recover the secret by combining their shares. The authorized set of participants are called access structure of the scheme. In Multi-Secret Sharing Scheme (MSSS), k different secrets are distributed among the participants, each one according to an access structure. Multi-secret sharing schemes have been studied extensively by the cryptographic community. Number of schemes are proposed for the threshold multi-secret sharing and multi-secret sharing according to generalized access structure with various features. In this survey we explore the important constructions of multi-secret sharing for the generalized access structure with their merits and demerits. The features like whether shares can be reused, participants can be enrolled or dis-enrolled efficiently, whether shares have to modified in the renewal phase etc., are considered for the evaluation

AN EFFICIENT THRESHOLD SECRET SHARING SCHEME USING FAST FOURIER TRANSFORM

Secret Sharing is a robust key management method which is having applications in password management, secure multi party computation, e-voting etc. Threshold secret sharing is a method in which out of all the parties only predefined or certain number of parties can reconstruct the secret. In this paper we will describe the most popular Shamir’s secret sharing scheme along with its limitations. In Shamir’s scheme each shareholder receives one share per secret. We can use alternative way ramp (packed variant) scheme which overcomes this limitation and reduces load on each individual shareholder. But this impacts on efficiency as degree of polynomial is increased. Either we must adjust the privacy threshold or number of shares needed to reconstruct. There is need of advance technique. An efficient secret sharing needs faster polynomial evaluation and interpolation. Here is an efficient secret sharing scheme using Fast Fourier Transform (FFT). In this polynomial evaluation as well as interpolation both speeds up. It has time complexity O(n log n)

New results and applications for multi-secret sharing schemes

In a multi-secret sharing scheme (MSSS), different secrets are distributed among the players in some set , each one according to an access structure. The trivial solution to this problem is to run independent instances of a standard secret sharing scheme, one for each secret. In this solution, the length of the secret share to be stored by each player grows linearly with (when keeping all other parameters fixed). Multi-secret sharing schemes have been studied by the cryptographic community mostly from a theoretical perspective: different models and definitions have been proposed, for both unconditional (information-theoretic) and computational security. In the case of unconditional security, there are two different definitions. It has been proved that, for some particular cases of access structures that include the threshold case, a MSSS with the strongest level of unconditional security must have shares with length linear in . Therefore, the optimal solution in this case is equivalent to the trivial one. In this work we prove that, even for a more relaxed notion of unconditional security, and for some kinds of access structures (in particular, threshold ones), we have the same efficiency problem: the length of each secret share must grow linearly with . Since we want more efficient solutions, we move to the scenario of MSSSs with computational security. We propose a new MSSS, where each secret share has constant length (just one element), and we formally prove its computational security in the random oracle model. To the best of our knowledge, this is the first formal analysis on the computational security of a MSSS. We show the utility of the new MSSS by using it as a key ingredient in the design of two schemes for two new functionalities: multi-policy signatures and multi-policy decryption. We prove the security of these two new multi-policy cryptosystems in a formal security model. The two new primitives provide similar functionalities as attribute-based cryptosystems, with some advantages and some drawbacks that we discuss at the end of this work.Peer ReviewedPostprint (author’s final draft

Space Efficient Computational Multi-Secret Sharing and Its Applications

In a (t_1,...,t_l)-multi-secret sharing scheme (MSSS), l independent secrets s_1,...,s_l are shared with n parties in such a way that at least t_i parties are required to recover the secret s_i (while s_i remains hidden with fewer shares). We consider the problem of minimizing the share size of MSSS in the challenging setting when there are many secrets to be shared among many parties. To circumvent the information-theoretic lower bound (e.g., Blundo [4]), we focus on the computational setting. A simple generalization of computational secret sharing (Krawczyk [17]) to multi-secret sharing yields a scheme with share size/overhead scaling linearly in l, the total number of secrets. To beat this linear scaling, we consider constructing MSSS based on a related notion of encryption|dynamic threshold public key encryption (DTPKE)|that enables a sender to dynamically specify a threshold for each ciphertext. None of the existing DTPKE is well-suited for our purpose. Thus, we propose a new construction of a dynamic threshold public key encryption scheme with improved efficiency characteristics. We then give a recursive application of our construction that yields an efficient MSSS with share size only logarithmic in the number of secrets (thus effectively O(log l) as in the common cases, where l and n are polynomially related). Finally, we describe an application of our space efficient (1,2,...,n-1)-MSSS to a special tool called gradual verifiable secret sharing which is the fundamental building block for general multiparty computation (MPC) with n players that provides fairness without honest majority

Multiple Authorities Access under Public Cloud Storage: Review

Public cloud storage is a cloud storage model that provide services to individuals and organizations to store, edit and manage data. Public cloud storage service is also known as storage service, utility storage and online storage. Cloud storage has many advantages, there is still remain various challenges among which privacy and security of users data have major issues in public cloud storage. Attribute Based Encryption(ABE) is a cryptographic technique which provides data owner direct control over their data in public cloud storage. In the traditional ABE scheme involve only one authority to maintain attribute set which can bring a single-point bottleneck on security and performance. Now we use threshold multi-authority Cipher text-Policy Attribute-Based Encryption (CP-ABE) access control scheme, name TMACS. TMACS is Threshold Multi-Authority Access Control System. In TMACS, multiple authority jointly manages the whole attribute set but no user has full control of any specific attribute. By combining threshold secret sharing (t,n) and multi-authority CP-ABE scheme, we developed efficient multi-authority access control system in public cloud storage

Multiple Authorities Access under Public Cloud Storage

Public cloud storage is a cloud storage model that provide services to individuals and organizations to store, edit and manage data. Public cloud storage service is also known as storage service, utility storage and online storage. Cloud storage has many advantages, there is still remain various challenges among which privacy and security of users data have major issues in public cloud storage. Attribute Based Encryption(ABE) is a cryptographic technique which provides data owner direct control over their data in public cloud storage. In the traditional ABE scheme involve single authority to maintain attribute set which can bring a single-point bottleneck on both security and performance. Now we use threshold multi-authority Cipher text-Policy Attribute-Based Encryption (CP-ABE) access control scheme, name TMACS. TMACS is Threshold Multi-Authority Access Control System. In TMACS,multiple authority jointly manages the whole attribute set but no one has full control of any specific attribute. By combining threshold secret sharing (t,n) and multi-authority CP-ABE scheme, we developed efficient multi-authority access control system in public cloud storage

Multiple Authorities Access under Public Cloud Storage

Public cloud storage is a cloud storage model that provide services to individuals and organizations to store, edit and manage data. Public cloud storage service is also known as storage service, utility storage and online storage. Cloud storage has many advantages, there is still remain various challenges among which privacy and security of users data have major problem in public cloud storage. Attribute Based Encryption(ABE) is a cryptographic technique which provides data owner direct control over their data in public cloud storage. In the traditional ABE scheme involve only single authority to maintain attribute set which can bring a single-point bottleneck on both security and performance. Now we use threshold multi-authority Cipher Text-Policy Attribute-Based Encryption (CP-ABE) access control scheme, name TMACS. TMACS is Threshold Multi-Authority Access Control System. In TMACS,multiple authority jointly manages the whole attribute set but no one has full control of any specific attribute. By combining threshold secret sharing (t,n) and multi-authority CP-ABE scheme, we developed efficient multi-authority access control system in public cloud storage

Leakage Resilient Secret Sharing and Applications

A secret sharing scheme allows a dealer to share a secret among a set of $n$ parties such that any authorized subset of the parties can recover the secret, while any unauthorized subset of the parties learns no information about the secret. A local leakage-resilient secret sharing scheme (introduced in independent works by (Goyal and Kumar, STOC 18) and (Benhamouda, Degwekar, Ishai and Rabin, Crypto 18)) additionally requires the secrecy to hold against every unauthorized set of parties even if they obtain some bounded local leakage from every other share. The leakage is said to be local if it is computed independently for each share. So far, the only known constructions of local leakage resilient secret sharing schemes are for threshold access structures for very low ($O(1)$) or very high ($n -o(\log n)$) thresholds. In this work, we give a compiler that takes a secret sharing scheme for any monotone access structure and produces a local leakage resilient secret sharing scheme for the same access structure, with only a constant-factor blow-up in the sizes of the shares. Furthermore, the resultant secret sharing scheme has optimal leakage-resilience rate i.e., the ratio between the leakage tolerated and the size of each share can be made arbitrarily close to $1$. Using this secret sharing scheme as the main building block, we obtain the following results: 1. Rate Preserving Non-Malleable Secret Sharing: We give a compiler that takes any secret sharing scheme for a 4-monotone access structure with rate $R$ and converts it into a non-malleable secret sharing scheme for the same access structure with rate $\Omega(R)$. The prior such non-zero rate construction (Badrinarayanan and Srinivasan, 18) only achieves a rate of $\Theta(R/{t_{\max}\log^2 n})$, where $t_{\max}$ is the maximum size of any minimal set in the access structure. As a special case, for any threshold $t \geq 4$ and an arbitrary $n \geq t$, we get the first constant rate construction of $t$-out-of-$n$ non-malleable secret sharing. 2. Leakage-Tolerant Multiparty Computation for General Interaction Pattern: For any function, we give a reduction from constructing leakage-tolerant secure multi-party computation protocols obeying any interaction pattern to constructing a secure (and not necessarily leakage-tolerant) protocol for a related function obeying the star interaction pattern. This improves upon the result of (Halevi et al., ITCS 2016), who constructed a protocol that is secure in a leak-free environment

Threshold Linear Secret Sharing to the Rescue of MPC-in-the-Head

The MPC-in-the-Head paradigm is a popular framework to build zero-knowledge proof systems using techniques from secure multi-party computation (MPC). While this paradigm is not restricted to a particular secret sharing scheme, all the efficient instantiations for small circuits proposed so far rely on additive secret sharing. In this work, we show how applying a threshold linear secret sharing scheme (threshold LSSS) can be beneficial to the MPC-in-the-Head paradigm. For a general passively-secure MPC protocol model capturing most of the existing MPCitH schemes, we show that our approach improves the soundness of the underlying proof system from $1/N$ down to $1/\binom{N}{\ell}$, where $N$ is the number of parties and $\ell$ is the privacy threshold of the sharing scheme. While very general, our technique is limited to a number of parties $N \leq |\mathbb{F}|$, where $\mathbb{F}$ is the field underlying the statement, because of the MDS conjecture. Applying our approach with a low-threshold LSSS also boosts the performance of the proof system by making the MPC emulation cost independent of $N$ for both the prover and the verifier. The gain is particularly significant for the verification time which becomes logarithmic in $N$ (while the prover still has to generate and commit the $N$ input shares). We further generalize and improve our framework: we show how homomorphic commitments can get rid of the linear complexity of the prover, we generalize our result to any quasi-threshold LSSS, and we describe an efficient batching technique relying on Shamir\u27s secret sharing. We finally apply our techniques to specific use-cases. We first propose a variant of the recent SDitH signature scheme achieving new interesting trade-offs. In particular, for a signature size of 10 KB, we obtain a verification time lower than $0.5$ ms, which is competitive with SPHINCS+, while achieving much faster signing. We further apply our batching technique to two different contexts: batched SDitH proofs and batched proofs for general arithmetic circuits based on the Limbo proof system. In both cases, we obtain an amortized proof size lower than $1/10$ of the baseline scheme when batching a few dozen statements, while the amortized performances are also significantly improved