241,756 research outputs found
Yet another insecure group key distribution scheme using secret sharing
A recently proposed group key distribution scheme known as UMKESS, based on
secret sharing, is shown to be insecure. Not only is it insecure, but it does
not always work, and the rationale for its design is unsound. UMKESS is the
latest in a long line of flawed group key distribution schemes based on secret
sharing techniques.Comment: Minor modifications to provide extra backgroun
fVSS: A New Secure and Cost-Efficient Scheme for Cloud Data Warehouses
Cloud business intelligence is an increasingly popular choice to deliver
decision support capabilities via elastic, pay-per-use resources. However, data
security issues are one of the top concerns when dealing with sensitive data.
In this pa-per, we propose a novel approach for securing cloud data warehouses
by flexible verifiable secret sharing, fVSS. Secret sharing encrypts and
distributes data over several cloud ser-vice providers, thus enforcing data
privacy and availability. fVSS addresses four shortcomings in existing secret
sharing-based approaches. First, it allows refreshing the data ware-house when
some service providers fail. Second, it allows on-line analysis processing.
Third, it enforces data integrity with the help of both inner and outer
signatures. Fourth, it helps users control the cost of cloud warehousing by
balanc-ing the load among service providers with respect to their pricing
policies. To illustrate fVSS' efficiency, we thoroughly compare it with
existing secret sharing-based approaches with respect to security features,
querying power and data storage and computing costs
On Hyperfocused Arcs in PG(2,q)
A k-arc in a Dearguesian projective plane whose secants meet some external
line in k-1 points is said to be hyperfocused. Hyperfocused arcs are
investigated in connection with a secret sharing scheme based on geometry due
to Simmons. In this paper it is shown that point orbits under suitable groups
of elations are hyperfocused arcs with the significant property of being
contained neither in a hyperoval, nor in a proper subplane. Also, the concept
of generalized hyperfocused arc, i.e. an arc whose secants admit a blocking set
of minimum size, is introduced: a construction method is provided, together
with the classification for size up to 10
An Effective Private Data storage and Retrieval System using Secret sharing scheme based on Secure Multi-party Computation
Privacy of the outsourced data is one of the major challenge.Insecurity of
the network environment and untrustworthiness of the service providers are
obstacles of making the database as a service.Collection and storage of
personally identifiable information is a major privacy concern.On-line public
databases and resources pose a significant risk to user privacy, since a
malicious database owner may monitor user queries and infer useful information
about the customer.The challenge in data privacy is to share data with
third-party and at the same time securing the valuable information from
unauthorized access and use by third party.A Private Information Retrieval(PIR)
scheme allows a user to query database while hiding the identity of the data
retrieved.The naive solution for confidentiality is to encrypt data before
outsourcing.Query execution,key management and statistical inference are major
challenges in this case.The proposed system suggests a mechanism for secure
storage and retrieval of private data using the secret sharing technique.The
idea is to develop a mechanism to store private information with a highly
available storage provider which could be accessed from anywhere using queries
while hiding the actual data values from the storage provider.The private
information retrieval system is implemented using Secure Multi-party
Computation(SMC) technique which is based on secret sharing. Multi-party
Computation enable parties to compute some joint function over their private
inputs.The query results are obtained by performing a secure computation on the
shares owned by the different servers.Comment: Data Science & Engineering (ICDSE), 2014 International Conference,
CUSA
Optimistic Fair Exchange based on Publicly Verifiable Secret Sharing
In this paper we propose an optimistic two-party fair exchange protocol which does not rely on a centralized trusted third party. Instead, the fairness of the protocol relies on the honesty of part of the neighbor participants. This new concept, which is based on a generic verifiable secret sharing scheme, is particularly relevant in networks where centralized authority can neither be used on-line nor off-line
RESCUE: Evaluation of a Fragmented Secret Share System in Distributed-Cloud Architecture
Scaling big data infrastructure using multi-cloud environment has led to the demand for highly secure, resilient and reliable data sharing method. Several variants of secret sharing scheme have been proposed but there remains a gap in knowledge on the evaluation of these methods in relation to scalability, resilience and key management as volume of files generated increase and cloud outages persist. In line with these, this thesis presents an evaluation of a method that combines data fragmentation with Shamir’s secret sharing scheme known as Fragmented Secret Share System (FSSS). It applies data fragmentation using a calculated optimum fragment size and encrypts each fragment using a 256-bit AES key length before dispersal to cloudlets, the encryption key is managed using secret sharing methods as used in cryptography.Four experiments were performed to measure the scalability, resilience and reliability in key management. The first and second experiments evaluated scalability using defined fragment blocks and an optimum fragment size. These fragment types were used to break file of varied sizes into fragments, and then encrypted and dispersed to the cloud, and recovered when required. Both were used in combination of different secret sharing policies for key management. The third experiment tested file recovery during cloud failures, while the fourth experiment focused on efficient key management.The contributions of this thesis are of two ways: development of evaluation frameworks to measure scalability and resilience of data sharing methods; and the provision of information on relationships between file sizes and share policies combinations. While the first aimed at providing platform to measure scalability from the point of continuous production as file size and volume increase, and resilience as the potential to continue operation despite cloud outages; the second provides experimental frameworks on the effects of file sizes and share policies on overall system performance.The results of evaluation of FSSS with similar methods showed that the fragmentation method has less overhead costs irrespective of file sizes and the share policy combination. That the inherent challenges in secret sharing scheme can only be solved through alternative means such as combining secret sharing with other data fragmentation method. In all, the system is less of any erasure coding technique, making it difficult to detect corrupt or lost fragment during file recovery
Non-Malleable Secret Sharing for General Access Structures
Goyal and Kumar (STOC\u2718) recently introduced the notion of non-malleable secret sharing. Very roughly, the guarantee they seek is the following: the adversary may potentially tamper with all of the shares, and still, either the reconstruction procedure outputs the original secret, or, the original secret is ``destroyed and the reconstruction outputs a string which is completely ``unrelated to the original secret. Prior works on non-malleable codes in the 2 split-state model imply constructions which can be seen as 2-out-of-2 non-malleable secret sharing (NMSS) schemes. Goyal and Kumar proposed constructions of t-out-of-n NMSS schemes. These constructions have already been shown to have a number of applications in cryptography.
We continue this line of research and construct NMSS for more general access structures. We give a generic compiler that converts any statistical (resp. computational) secret sharing scheme realizing any access structure into another statistical (resp. computational) secret sharing scheme that not only realizes the same access structure but also ensures statistical non-malleability against a computationally unbounded adversary who tampers each of the shares arbitrarily and independently. Instantiating with known schemes we get unconditional NMMS schemes that realize any access structures generated by polynomial size monotone span programs. Similarly, we also obtain conditional NMMS schemes realizing access structure in monotoneP (resp. monotoneNP) assuming one-way functions (resp. witness encryption).
Towards considering more general tampering models, we also propose a construction of n-out-of-n NMSS. Our construction is secure even if the adversary could divide the shares into any two (possibly overlapping) subsets and then arbitrarily tamper the shares in each subset. Our construction is based on a property of inner product and an observation that the inner-product based construction of Aggarwal, Dodis and Lovett (STOC\u2714) is in fact secure against a tampering class that is stronger than 2 split-states. We also show applications of our construction to the problem of non-malleable message transmission
An Epitome of Multi Secret Sharing Schemes for General Access Structure
Secret sharing schemes are widely used now a days in various applications,
which need more security, trust and reliability. In secret sharing scheme, the
secret is divided among the participants and only authorized set of
participants can recover the secret by combining their shares. The authorized
set of participants are called access structure of the scheme. In Multi-Secret
Sharing Scheme (MSSS), k different secrets are distributed among the
participants, each one according to an access structure. Multi-secret sharing
schemes have been studied extensively by the cryptographic community. Number of
schemes are proposed for the threshold multi-secret sharing and multi-secret
sharing according to generalized access structure with various features. In
this survey we explore the important constructions of multi-secret sharing for
the generalized access structure with their merits and demerits. The features
like whether shares can be reused, participants can be enrolled or dis-enrolled
efficiently, whether shares have to modified in the renewal phase etc., are
considered for the evaluation
- …