17,685 research outputs found
Nearly optimal robust secret sharing
Abstract: We prove that a known approach to improve Shamir's celebrated secret sharing scheme; i.e., adding an information-theoretic authentication tag to the secret, can make it robust for n parties against any collusion of size ÎŽn, for any constant ÎŽ â (0; 1/2). This result holds in the so-called ânonrushingâ model in which the n shares are submitted simultaneously for reconstruction. We thus finally obtain a simple, fully explicit, and robust secret sharing scheme in this model that is essentially optimal in all parameters including the share size which is k(1+o(1))+O(Îș), where k is the secret length and Îș is the security parameter. Like Shamir's scheme, in this modified scheme any set of more than ÎŽn honest parties can efficiently recover the secret. Using algebraic geometry codes instead of Reed-Solomon codes, the share length can be decreased to a constant (only depending on ÎŽ) while the number of shares n can grow independently. In this case, when n is large enough, the scheme satisfies the âthresholdâ requirement in an approximate sense; i.e., any set of ÎŽn(1 + Ï) honest parties, for arbitrarily small Ï > 0, can efficiently reconstruct the secret
Communication Efficient Secret Sharing
A secret sharing scheme is a method to store information securely and
reliably. Particularly, in a threshold secret sharing scheme, a secret is
encoded into shares, such that any set of at least shares suffice to
decode the secret, and any set of at most shares reveal no
information about the secret. Assuming that each party holds a share and a user
wishes to decode the secret by receiving information from a set of parties; the
question we study is how to minimize the amount of communication between the
user and the parties. We show that the necessary amount of communication,
termed "decoding bandwidth", decreases as the number of parties that
participate in decoding increases. We prove a tight lower bound on the decoding
bandwidth, and construct secret sharing schemes achieving the bound.
Particularly, we design a scheme that achieves the optimal decoding bandwidth
when parties participate in decoding, universally for all . The scheme is based on Shamir's secret sharing scheme and preserves its
simplicity and efficiency. In addition, we consider secure distributed storage
where the proposed communication efficient secret sharing schemes further
improve disk access complexity during decoding.Comment: submitted to the IEEE Transactions on Information Theory. New
references and a new construction adde
Network Codes Resilient to Jamming and Eavesdropping
We consider the problem of communicating information over a network secretly
and reliably in the presence of a hidden adversary who can eavesdrop and inject
malicious errors. We provide polynomial-time, rate-optimal distributed network
codes for this scenario, improving on the rates achievable in previous work.
Our main contribution shows that as long as the sum of the adversary's jamming
rate Zo and his eavesdropping rate Zi is less than the network capacity C,
(i.e., Zo+Zi<C), our codes can communicate (with vanishingly small error
probability) a single bit correctly and without leaking any information to the
adversary. We then use this to design codes that allow communication at the
optimal source rate of C-Zo-Zi, while keeping the communicated message secret
from the adversary. Interior nodes are oblivious to the presence of adversaries
and perform random linear network coding; only the source and destination need
to be tweaked. In proving our results we correct an error in prior work by a
subset of the authors in this work.Comment: 6 pages, to appear at IEEE NetCod 201
On the Duality of Probing and Fault Attacks
In this work we investigate the problem of simultaneous privacy and integrity
protection in cryptographic circuits. We consider a white-box scenario with a
powerful, yet limited attacker. A concise metric for the level of probing and
fault security is introduced, which is directly related to the capabilities of
a realistic attacker. In order to investigate the interrelation of probing and
fault security we introduce a common mathematical framework based on the
formalism of information and coding theory. The framework unifies the known
linear masking schemes. We proof a central theorem about the properties of
linear codes which leads to optimal secret sharing schemes. These schemes
provide the lower bound for the number of masks needed to counteract an
attacker with a given strength. The new formalism reveals an intriguing duality
principle between the problems of probing and fault security, and provides a
unified view on privacy and integrity protection using error detecting codes.
Finally, we introduce a new class of linear tamper-resistant codes. These are
eligible to preserve security against an attacker mounting simultaneous probing
and fault attacks
When the Hammer Meets the Nail: Multi-Server PIR for Database-Driven CRN with Location Privacy Assurance
We show that it is possible to achieve information theoretic location privacy
for secondary users (SUs) in database-driven cognitive radio networks (CRNs)
with an end-to-end delay less than a second, which is significantly better than
that of the existing alternatives offering only a computational privacy. This
is achieved based on a keen observation that, by the requirement of Federal
Communications Commission (FCC), all certified spectrum databases synchronize
their records. Hence, the same copy of spectrum database is available through
multiple (distinct) providers. We harness the synergy between multi-server
private information retrieval (PIR) and database- driven CRN architecture to
offer an optimal level of privacy with high efficiency by exploiting this
observation. We demonstrated, analytically and experimentally with deployments
on actual cloud systems that, our adaptations of multi-server PIR outperform
that of the (currently) fastest single-server PIR by a magnitude of times with
information theoretic security, collusion resiliency, and fault-tolerance
features. Our analysis indicates that multi-server PIR is an ideal
cryptographic tool to provide location privacy in database-driven CRNs, in
which the requirement of replicated databases is a natural part of the system
architecture, and therefore SUs can enjoy all advantages of multi-server PIR
without any additional architectural and deployment costs.Comment: 10 pages, double colum
- âŠ