41,040 research outputs found
An Epitome of Multi Secret Sharing Schemes for General Access Structure
Secret sharing schemes are widely used now a days in various applications,
which need more security, trust and reliability. In secret sharing scheme, the
secret is divided among the participants and only authorized set of
participants can recover the secret by combining their shares. The authorized
set of participants are called access structure of the scheme. In Multi-Secret
Sharing Scheme (MSSS), k different secrets are distributed among the
participants, each one according to an access structure. Multi-secret sharing
schemes have been studied extensively by the cryptographic community. Number of
schemes are proposed for the threshold multi-secret sharing and multi-secret
sharing according to generalized access structure with various features. In
this survey we explore the important constructions of multi-secret sharing for
the generalized access structure with their merits and demerits. The features
like whether shares can be reused, participants can be enrolled or dis-enrolled
efficiently, whether shares have to modified in the renewal phase etc., are
considered for the evaluation
An Ideal Compartmented Secret Sharing Scheme Based on Linear Homogeneous Recurrence Relations
Multipartite secret sharing schemes are those that have multipartite access structures. The set of the participants in those schemes is divided into several parts, and all the participants in the same part play the equivalent role. One type of such access structure is the compartmented access structure. We propose an ideal and efficient compartmented multi-secret sharing scheme based on the linear homogeneous recurrence (LHR) relations. In the construction phase, the shared secrets are hidden in some terms of the linear homogeneous recurrence sequence. In the recovery phase, the shared secrets are obtained by solving those terms in which the shared secrets are hidden. When the global threshold is , our scheme can reduce the computational complexity from to , where . The security of the proposed scheme is based on Shamir\u27s threshold scheme. Moreover, it is efficient to share the multi-secret and to change the shared secrets in the proposed scheme. That is, the proposed scheme can improve the performances of the key management and the distributed system
Delivering on Open Government: The Obama Administration's Unfinished Legacy
This report examines progress made during President Obama's first term toward open government goals outlined in a comprehensive set of recommendations that the open government community issued in November 2008, titled Moving Toward a 21st Century Right-to-Know Agenda. We examine activity in the three main areas of the 2008 report: creating an environment within government that is supportive of transparency, improving public use of government information, and reducing the secrecy related to national security issues
Keys in the Clouds: Auditable Multi-device Access to Cryptographic Credentials
Personal cryptographic keys are the foundation of many secure services, but
storing these keys securely is a challenge, especially if they are used from
multiple devices. Storing keys in a centralized location, like an
Internet-accessible server, raises serious security concerns (e.g. server
compromise). Hardware-based Trusted Execution Environments (TEEs) are a
well-known solution for protecting sensitive data in untrusted environments,
and are now becoming available on commodity server platforms.
Although the idea of protecting keys using a server-side TEE is
straight-forward, in this paper we validate this approach and show that it
enables new desirable functionality. We describe the design, implementation,
and evaluation of a TEE-based Cloud Key Store (CKS), an online service for
securely generating, storing, and using personal cryptographic keys. Using
remote attestation, users receive strong assurance about the behaviour of the
CKS, and can authenticate themselves using passwords while avoiding typical
risks of password-based authentication like password theft or phishing. In
addition, this design allows users to i) define policy-based access controls
for keys; ii) delegate keys to other CKS users for a specified time and/or a
limited number of uses; and iii) audit all key usages via a secure audit log.
We have implemented a proof of concept CKS using Intel SGX and integrated this
into GnuPG on Linux and OpenKeychain on Android. Our CKS implementation
performs approximately 6,000 signature operations per second on a single
desktop PC. The latency is in the same order of magnitude as using
locally-stored keys, and 20x faster than smart cards.Comment: Extended version of a paper to appear in the 3rd Workshop on
Security, Privacy, and Identity Management in the Cloud (SECPID) 201
Non-Threshold Quantum Secret Sharing Schemes in the Graph State Formalism
In a recent work, Markham and Sanders have proposed a framework to study
quantum secret sharing (QSS) schemes using graph states. This framework unified
three classes of QSS protocols, namely, sharing classical secrets over private
and public channels, and sharing quantum secrets. However, most work on secret
sharing based on graph states focused on threshold schemes. In this paper, we
focus on general access structures. We show how to realize a large class of
arbitrary access structures using the graph state formalism. We show an
equivalence between binary quantum codes and graph state secret
sharing schemes sharing one bit. We also establish a similar (but restricted)
equivalence between a class of Calderbank-Shor-Steane (CSS) codes and
graph state QSS schemes sharing one qubit. With these results we are able to
construct a large class of quantum secret sharing schemes with arbitrary access
structures.Comment: LaTeX, 6 page
A threshold secure data sharing scheme for federated clouds
Cloud computing allows users to view computing in a new direction, as it uses
the existing technologies to provide better IT services at low-cost. To offer
high QOS to customers according SLA, cloud services broker or cloud service
provider uses individual cloud providers that work collaboratively to form a
federation of clouds. It is required in applications like Real-time online
interactive applications, weather research and forecasting etc., in which the
data and applications are complex and distributed. In these applications secret
data should be shared, so secure data sharing mechanism is required in
Federated clouds to reduce the risk of data intrusion, the loss of service
availability and to ensure data integrity. So In this paper we have proposed
zero knowledge data sharing scheme where Trusted Cloud Authority (TCA) will
control federated clouds for data sharing where the secret to be exchanged for
computation is encrypted and retrieved by individual cloud at the end. Our
scheme is based on the difficulty of solving the Discrete Logarithm problem
(DLOG) in a finite abelian group of large prime order which is NP-Hard. So our
proposed scheme provides data integrity in transit, data availability when one
of host providers are not available during the computation.Comment: 8 pages, 3 Figures, International Journal of Research in Computer
Science 2012. arXiv admin note: text overlap with arXiv:1003.3920 by other
author
- …