7,163 research outputs found
SETUP in Secret Sharing Schemes using Random Values
Secret sharing schemes divide a secret among multiple participants so that only authorized subsets of parties can reconstruct it. We show that SETUP (Secretly Embedded Trapdoor with Universal Protection) attack can be embedded in secret sharing schemes that employ enough randomness to give the attacker an overwhelming advantage to access the secret. In case of ideal schemes, a coalition of a few participants (within at least one is the attacker) can succeed the attack, while in case of non-ideal schemes the attacker\u27s knowledge can be enough to reveal the secret. We exemplify the attack against Shamir\u27s threshold scheme, which is the most well-known and used secret sharing scheme. Finally, we consider some prevention techniques against the proposed attack
Secret-Sharing for NP
A computational secret-sharing scheme is a method that enables a dealer, that
has a secret, to distribute this secret among a set of parties such that a
"qualified" subset of parties can efficiently reconstruct the secret while any
"unqualified" subset of parties cannot efficiently learn anything about the
secret. The collection of "qualified" subsets is defined by a Boolean function.
It has been a major open problem to understand which (monotone) functions can
be realized by a computational secret-sharing schemes. Yao suggested a method
for secret-sharing for any function that has a polynomial-size monotone circuit
(a class which is strictly smaller than the class of monotone functions in P).
Around 1990 Rudich raised the possibility of obtaining secret-sharing for all
monotone functions in NP: In order to reconstruct the secret a set of parties
must be "qualified" and provide a witness attesting to this fact.
Recently, Garg et al. (STOC 2013) put forward the concept of witness
encryption, where the goal is to encrypt a message relative to a statement "x
in L" for a language L in NP such that anyone holding a witness to the
statement can decrypt the message, however, if x is not in L, then it is
computationally hard to decrypt. Garg et al. showed how to construct several
cryptographic primitives from witness encryption and gave a candidate
construction.
One can show that computational secret-sharing implies witness encryption for
the same language. Our main result is the converse: we give a construction of a
computational secret-sharing scheme for any monotone function in NP assuming
witness encryption for NP and one-way functions. As a consequence we get a
completeness theorem for secret-sharing: computational secret-sharing scheme
for any single monotone NP-complete function implies a computational
secret-sharing scheme for every monotone function in NP
KALwEN+: Practical Key Management Schemes for Gossip-Based Wireless Medical Sensor Networks
The constrained resources of sensors restrict the design of a key management scheme for wireless sensor networks (WSNs). In this work, we first formalize the security model of ALwEN, which is a gossip-based wireless medical sensor network (WMSN) for ambient assisted living. Our security model considers the node capture, the gossip-based network and the revocation problems, which should be valuable for ALwEN-like applications. Based on Shamir's secret sharing technique, we then propose two key management schemes for ALwEN, namely the KALwEN+ schemes, which are proven with the security properties defined in the security model. The KALwEN+ schemes not only fit ALwEN, but also can be tailored to other scalable wireless sensor networks based on gossiping
A secure data outsourcing scheme based on Asmuth – Bloom secret sharing
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Data outsourcing is an emerging paradigm for data management in which a database is provided as a service by third-party service providers. One of the major benefits of offering database as a service is to provide organisations, which are unable to purchase expensive hardware and software to host their databases, with efficient data storage accessible online at a cheap rate. Despite that, several issues of data confidentiality, integrity, availability and efficient indexing of users’ queries at the server side have to be addressed in the data outsourcing paradigm. Service providers have to guarantee that their clients’ data are secured against internal (insider) and external attacks. This paper briefly analyses the existing indexing schemes in data outsourcing and highlights their advantages and disadvantages. Then, this paper proposes a secure data outsourcing scheme based on Asmuth–Bloom secret sharing which tries to address the issues in data outsourcing such as data confidentiality, availability and order preservation for efficient indexing
PROPYLA: Privacy Preserving Long-Term Secure Storage
An increasing amount of sensitive information today is stored electronically
and a substantial part of this information (e.g., health records, tax data,
legal documents) must be retained over long time periods (e.g., several decades
or even centuries). When sensitive data is stored, then integrity and
confidentiality must be protected to ensure reliability and privacy. Commonly
used cryptographic schemes, however, are not designed for protecting data over
such long time periods. Recently, the first storage architecture combining
long-term integrity with long-term confidentiality protection was proposed
(AsiaCCS'17). However, the architecture only deals with a simplified storage
scenario where parts of the stored data cannot be accessed and verified
individually. If this is allowed, however, not only the data content itself,
but also the access pattern to the data (i.e., the information which data items
are accessed at which times) may be sensitive information. Here we present the
first long-term secure storage architecture that provides long-term access
pattern hiding security in addition to long-term integrity and long-term
confidentiality protection. To achieve this, we combine information-theoretic
secret sharing, renewable timestamps, and renewable commitments with an
information-theoretic oblivious random access machine. Our performance analysis
of the proposed architecture shows that achieving long-term integrity,
confidentiality, and access pattern hiding security is feasible.Comment: Few changes have been made compared to proceedings versio
- …