Ideal hierarchical secret sharing schemes

Hierarchical secret sharing is among the most natural generalizations of threshold secret sharing, and it has attracted a lot of attention from the invention of secret sharing until nowadays. Several constructions of ideal hierarchical secret sharing schemes have been proposed, but it was not known what access structures admit such a scheme. We solve this problem by providing a natural definition for the family of the hierarchical access structures and, more importantly, by presenting a complete characterization of the ideal hierarchical access structures, that is, the ones admitting an ideal secret sharing scheme. Our characterization deals with the properties of the hierarchically minimal sets of the access structure, which are the minimal qualified sets whose participants are in the lowest possible levels in the hierarchy. By using our characterization, it can be efficiently checked whether any given hierarchical access structure that is defined by its hierarchically minimal sets is ideal. We use the well known connection between ideal secret sharing and matroids and, in particular, the fact that every ideal access structure is a matroid port. In addition, we use recent results on ideal multipartite access structures and the connection between multipartite matroids and integer polymatroids. We prove that every ideal hierarchical access structure is the port of a representable matroid and, more specifically, we prove that every ideal structure in this family admits ideal linear secret sharing schemes over fields of all characteristics. In addition, methods to construct such ideal schemes can be derived from the results in this paper and the aforementioned ones on ideal multipartite secret sharing. Finally, we use our results to find a new proof for the characterization of the ideal weighted threshold access structures that is simpler than the existing one.Peer ReviewedPostprint (author's final draft

Ideal Secret Sharing Schemes: Combinatorial Characterizations, Certain Access Structures, and Related Geometric Problems

An ideal secret sharing scheme is a method of sharing a secret key in some key space among a finite set of participants in such a way that only the authorized subsets of participants can reconstruct the secret key from their shares which are of the same length as that of the secret key. The set of all authorized subsets of participants is the access structure of the secret sharing scheme. In this paper, we derive several properties and restate the combinatorial characterization of an ideal secret sharing scheme in Brickell-Stinson model in terms of orthogonality of its representative array. We propose two practical models, namely the parallel and hierarchical models, for access structures, and then, by the restated characterization, we discuss sufficient conditions on finite geometries for ideal secret sharing schemes to realize these access structure models. Several series of ideal secret sharing schemes realizing special parallel or hierarchical access structure model are constructed from finite projective planes.Comment: This paper was published in 2009 in the "Journal of Statistics and Applications Vol 4, No. 2-3", which is now inaccessible and has been removed from MathSciNet. I have decided to upload the paper here for those who wish to refer to i

Efficient Explicit Constructions of Multipartite Secret Sharing Schemes

Multipartite secret sharing schemes are those having a multipartite access structure, in which the set of participants is divided into several parts and all participants in the same part play an equivalent role. Secret sharing schemes for multipartite access structures have received considerable attention due to the fact that multipartite secret sharing can be seen as a natural and useful generalization of threshold secret sharing. This work deals with efficient and explicit constructions of ideal multipartite secret sharing schemes, while most of the known constructions are either inefficient or randomized. Most ideal multipartite secret sharing schemes in the literature can be classified as either hierarchical or compartmented. The main results are the constructions for ideal hierarchical access structures, a family that contains every ideal hierarchical access structure as a particular case such as the disjunctive hierarchical threshold access structure and the conjunctive hierarchical threshold access structure, the constructions for three families of compartmented access structures, and the constructions for two families compartmented access structures with compartments. On the basis of the relationship between multipartite secret sharing schemes, polymatroids, and matroids, the problem of how to construct a scheme realizing a multipartite access structure can be transformed to the problem of how to find a representation of a matroid from a presentation of its associated polymatroid. In this paper, we give efficient algorithms to find representations of the matroids associated to several families of multipartite access structures. More precisely, based on know results about integer polymatroids, for each of those families of access structures above, we give an efficient method to find a representation of the integer polymatroid over some finite field, and then over some finite extension of that field, we give an efficient method to find a presentation of the matroid associated to the integer polymatroid. Finally, we construct ideal linear schemes realizing those families of multipartite access structures by efficient methods

A Remark on Hierarchical Threshold Secret Sharing

The main results of this paper are theorems which provide a solution to the open problem posed by Tassa [1]. He considers a specific family Γν of hierarchical threshold access structures and shows that two extreme members Γ and Γv of Γν are realized by secret sharing schemes which are ideal and perfect. The question posed by Tassa is whether the other members of Γν can be realized by ideal and perfect schemes as well. We show that the answer in general is negative. A precise definition of secret sharing scheme introduced by Brickell and Davenport in [2] combined with a connection between schemes and matroids are crucial tools used in this paper. Brickell and Davenport describe secret sharing scheme as a matrix M with n+1 columns, where n denotes the number of participants, and define ideality and perfectness as properties of the matrix M. The auxiliary theorems presented in this paper are interesting not only because of providing the solution of the problem. For example, they provide an upper bound on the number of rows of M if the scheme is perfect and ideal

A remark on hierarchical threshold secret sharing

The main results of this paper are theorems which provide a solution to the open problem posed by Tassa [1]. He considers a specific family Γv of hierarchical threshold access structures and shows that two extreme members Γ∧ and Γ∨ of Γv are realized by secret sharing schemes which are ideal and perfect. The question posed by Tassa is whether the other members of Γv can be realized by ideal and perfect schemes as well. We show that the answer in general is negative. A precise definition of secret sharing scheme introduced by Brickell and Davenport in [2] combined with a connection between schemes and matroids are crucial tools used in this paper. Brickell and Davenport describe secret sharing scheme as a matrix M with n+1 columns, where n denotes the number of participants, and define ideality and perfectness as properties of the matrix M. The auxiliary theorems presented in this paper are interesting not only because of providing the solution of the problem. For example, they provide an upper bound on the number of rows of M if the scheme is perfect and ideal

Hierarchiczność wielodzielnych struktur dostępu

A notion of a secret sharing scheme was introduced independently by Blakley and Shamir in 1979. An idea, which is a basis of a secret sharing scheme, is dividing information, called a secret, into pieces that are sent to participants. It is crucial that only some sets of participants are able to recover the secret. These sets are called authorised. A family of authorised sets is called an access structure. It is also important that sets of participants, which are not in the access structure, cannot reconstruct the secret. The participants, which take part in a secret sharing scheme, do not have to be equivalent to each other, but they belong to the different hierarchies. It is natural that the secret sharing scheme should take into consideration a position of a participant in a hierarchy. An access structure, in which participants are divided into disjoint blocks of people having the same position in a hierarchy, is called a hierarchical access structure. The hierarchical access structures were first considered by Shamir. They concerned a hierarchy which corresponds to a linear order in a set of blocks. Such access structures are called strict hierarchical access structures. Another family of access structures found in the literature are compartmented access structures, which means that they concern a hierarchy that corresponds to an antilinear order in a set of blocks. In the first chapter we present basic definitions and facts about secret sharing schemes and access structures. We also study properties of connected and ideal secret sharing schemes. In particular, we show a connection between numbers of elements in independent sets and maximal unauthorised sets of a secret sharing scheme. Next chapter is dedicated to matroids and polymatroids, since there exists a strong connection between these notions and secret sharing schemes and access structures. We focus mainly on access structures which are determined by uniform polymatroids, hence, among other things, we show a characterization of uniform polymatroids by non-increasing sequences of non-negative integers. What is more, we specify a sufficient and necessary condition for a uniform polymatroid to be a boolean polymatroid. In the third chapter we present a definition of a hierarchical access structure which generalises notions of strict hierarchical access structures and compartmented access structures. We also introduce a vector representation of sets of participants invented by Farr`as, Mart´ı-Farr´e and Padró. Moreover, we look closer at the history of strict hierarchical access structures and compartmented access structures. Finally, we give a negative answer for a question posed by Tassa. The fourth chapter is devoted to constructing hierarchical access structures with use of uniform polymatroids, particularly access structures which are neither strict hierarchical nor compartmented. We examine a hierarchy in a family of blocks which are determined by constructed access structures. We also study a connectivity and ideality of obtained access structures. In addition to this, we prove (using boolean uniform polymatroids), that there exist hierarchical access structures, which are neither strict hierarchical nor compartmented, but they are ports of some representable matroids. The last chapter is slightly different than the previous chapters. Farr`as and Padró showed how to compare two sets of participants in strict hierarchical access structure using their vector representations. In this chapter we generalise this results for an arbitrary hierarchical access structure. In order to do that, we use a method that refers to a transportation problem from the area of operational research

On the optimization of bipartite secret sharing schemes

Optimizing the ratio between the maximum length of the shares and the length of the secret value in secret sharing schemes for general access structures is an extremely difficult and long-standing open problem. In this paper, we study it for bipartite access structures, in which the set of participants is divided in two parts, and all participants in each part play an equivalent role. We focus on the search of lower bounds by using a special class of polymatroids that is introduced here, the tripartite ones. We present a method based on linear programming to compute, for every given bipartite access structure, the best lower bound that can be obtained by this combinatorial method. In addition, we obtain some general lower bounds that improve the previously known ones, and we construct optimal secret sharing schemes for a family of bipartite access structures.Peer ReviewedPostprint (author's final draft