Ideal hierarchical secret sharing schemes

Hierarchical secret sharing is among the most natural generalizations of threshold secret sharing, and it has attracted a lot of attention from the invention of secret sharing until nowadays. Several constructions of ideal hierarchical secret sharing schemes have been proposed, but it was not known what access structures admit such a scheme. We solve this problem by providing a natural definition for the family of the hierarchical access structures and, more importantly, by presenting a complete characterization of the ideal hierarchical access structures, that is, the ones admitting an ideal secret sharing scheme. Our characterization deals with the properties of the hierarchically minimal sets of the access structure, which are the minimal qualified sets whose participants are in the lowest possible levels in the hierarchy. By using our characterization, it can be efficiently checked whether any given hierarchical access structure that is defined by its hierarchically minimal sets is ideal. We use the well known connection between ideal secret sharing and matroids and, in particular, the fact that every ideal access structure is a matroid port. In addition, we use recent results on ideal multipartite access structures and the connection between multipartite matroids and integer polymatroids. We prove that every ideal hierarchical access structure is the port of a representable matroid and, more specifically, we prove that every ideal structure in this family admits ideal linear secret sharing schemes over fields of all characteristics. In addition, methods to construct such ideal schemes can be derived from the results in this paper and the aforementioned ones on ideal multipartite secret sharing. Finally, we use our results to find a new proof for the characterization of the ideal weighted threshold access structures that is simpler than the existing one.Peer ReviewedPostprint (author's final draft

A Remark on Hierarchical Threshold Secret Sharing

The main results of this paper are theorems which provide a solution to the open problem posed by Tassa [1]. He considers a specific family Γν of hierarchical threshold access structures and shows that two extreme members Γ and Γv of Γν are realized by secret sharing schemes which are ideal and perfect. The question posed by Tassa is whether the other members of Γν can be realized by ideal and perfect schemes as well. We show that the answer in general is negative. A precise definition of secret sharing scheme introduced by Brickell and Davenport in [2] combined with a connection between schemes and matroids are crucial tools used in this paper. Brickell and Davenport describe secret sharing scheme as a matrix M with n+1 columns, where n denotes the number of participants, and define ideality and perfectness as properties of the matrix M. The auxiliary theorems presented in this paper are interesting not only because of providing the solution of the problem. For example, they provide an upper bound on the number of rows of M if the scheme is perfect and ideal

A remark on hierarchical threshold secret sharing

The main results of this paper are theorems which provide a solution to the open problem posed by Tassa [1]. He considers a specific family Γv of hierarchical threshold access structures and shows that two extreme members Γ∧ and Γ∨ of Γv are realized by secret sharing schemes which are ideal and perfect. The question posed by Tassa is whether the other members of Γv can be realized by ideal and perfect schemes as well. We show that the answer in general is negative. A precise definition of secret sharing scheme introduced by Brickell and Davenport in [2] combined with a connection between schemes and matroids are crucial tools used in this paper. Brickell and Davenport describe secret sharing scheme as a matrix M with n+1 columns, where n denotes the number of participants, and define ideality and perfectness as properties of the matrix M. The auxiliary theorems presented in this paper are interesting not only because of providing the solution of the problem. For example, they provide an upper bound on the number of rows of M if the scheme is perfect and ideal

On Hierarchical Threshold Secret Sharing

Recently, two novel schemes have been proposed for hierarchical threshold secret sharing, one based on Birkoff interpolation and another based on bivariate Lagrange interpolation. In this short paper, we propose a much simpler solution for this problem

Algorithms for multi-secret hierarchical sharing schemes of shamir type

In this paper there are presented algorithms for multilevel hierarchical threshold secret sharing schemes based on the interpolation of Hermite type, which use either traditional Shamir's keys or polynomial and orthogonal polynomial keys. These algorithms enable to compute the probability of authenticity of shares during the process of recovering the keys. In addition, two models of secret sharing are considered, which enlarge their security against attacks and decrease their rate of computations by applying FFT-algorithm

Generalized threshold secret sharing and finite geometry

In the history of secret sharing schemes many constructions are based on geometric objects. In this paper we investigate generalizations of threshold schemes and related finite geometric structures. In particular, we analyse compartmented and hierarchical schemes, and deduce some more general results, especially bounds for special arcs and novel constructions for conjunctive 2-level and 3-level hierarchical schemes

Hierarchical and dynamic threshold Paillier cryptosystem without trusted dealer

We propose the first hierarchical and dynamic threshold Paillier cryptosystem without trusted dealer and prove its security in the malicious adversary model. The new cryptosystem is fully distributed, i. e., public and private key generation is performed without a trusted dealer. The private key is shared with a hierarchical and dynamic secret sharing scheme over the integers. In such a scheme not only the amount of shareholders, but also their levels in the hierarchy decide whether or not they can reconstruct the secret and new shareholders can be added or removed without reconstruction of the secret

Efficient Explicit Constructions of Multipartite Secret Sharing Schemes

Multipartite secret sharing schemes are those having a multipartite access structure, in which the set of participants is divided into several parts and all participants in the same part play an equivalent role. Secret sharing schemes for multipartite access structures have received considerable attention due to the fact that multipartite secret sharing can be seen as a natural and useful generalization of threshold secret sharing. This work deals with efficient and explicit constructions of ideal multipartite secret sharing schemes, while most of the known constructions are either inefficient or randomized. Most ideal multipartite secret sharing schemes in the literature can be classified as either hierarchical or compartmented. The main results are the constructions for ideal hierarchical access structures, a family that contains every ideal hierarchical access structure as a particular case such as the disjunctive hierarchical threshold access structure and the conjunctive hierarchical threshold access structure, the constructions for three families of compartmented access structures, and the constructions for two families compartmented access structures with compartments. On the basis of the relationship between multipartite secret sharing schemes, polymatroids, and matroids, the problem of how to construct a scheme realizing a multipartite access structure can be transformed to the problem of how to find a representation of a matroid from a presentation of its associated polymatroid. In this paper, we give efficient algorithms to find representations of the matroids associated to several families of multipartite access structures. More precisely, based on know results about integer polymatroids, for each of those families of access structures above, we give an efficient method to find a representation of the integer polymatroid over some finite field, and then over some finite extension of that field, we give an efficient method to find a presentation of the matroid associated to the integer polymatroid. Finally, we construct ideal linear schemes realizing those families of multipartite access structures by efficient methods

Performing Computations on Hierarchically Shared Secrets

Hierarchical secret sharing schemes distribute a message to a set of shareholders with different reconstruction capabilities. In distributed storage systems, this is an important property because it allows to grant more reconstruction capability to better performing storage servers and vice versa. In particular, Tassa\u27s conjunctive and disjunctive hierarchical secret sharing schemes are based on Birkhoff interpolation and perform equally well as Shamir\u27s threshold secret sharing scheme. Thus, they are promising candidates for distributed storage systems. A key requirement is the possibility to perform function evaluations over shared data. However, practical algorithms supporting this have not been provided yet with respect to hierarchical secret sharing schemes. Aiming at closing this gap, in this work, we show how additions and multiplications of shares can be practically computed using Tassa\u27s conjunctive and disjunctive hierarchical secret sharing schemes. Furthermore, we provide auditing procedures for operations on messages shared hierarchically, which allow to verify that functions on the shares have been performed correctly. We close this work with an evaluation of the correctness, security, and efficiency of the protocols we propose