12,282 research outputs found
Secret Sharing for Cloud Data Security
Cloud computing helps reduce costs, increase business agility and deploy
solutions with a high return on investment for many types of applications.
However, data security is of premium importance to many users and often
restrains their adoption of cloud technologies. Various approaches, i.e., data
encryption, anonymization, replication and verification, help enforce different
facets of data security. Secret sharing is a particularly interesting
cryptographic technique. Its most advanced variants indeed simultaneously
enforce data privacy, availability and integrity, while allowing computation on
encrypted data. The aim of this paper is thus to wholly survey secret sharing
schemes with respect to data security, data access and costs in the
pay-as-you-go paradigm
Finding Safety in Numbers with Secure Allegation Escrows
For fear of retribution, the victim of a crime may be willing to report it
only if other victims of the same perpetrator also step forward. Common
examples include 1) identifying oneself as the victim of sexual harassment,
especially by a person in a position of authority or 2) accusing an influential
politician, an authoritarian government, or ones own employer of corruption. To
handle such situations, legal literature has proposed the concept of an
allegation escrow: a neutral third-party that collects allegations anonymously,
matches them against each other, and de-anonymizes allegers only after
de-anonymity thresholds (in terms of number of co-allegers), pre-specified by
the allegers, are reached.
An allegation escrow can be realized as a single trusted third party;
however, this party must be trusted to keep the identity of the alleger and
content of the allegation private. To address this problem, this paper
introduces Secure Allegation Escrows (SAE, pronounced "say"). A SAE is a group
of parties with independent interests and motives, acting jointly as an escrow
for collecting allegations from individuals, matching the allegations, and
de-anonymizing the allegations when designated thresholds are reached. By
design, SAEs provide a very strong property: No less than a majority of parties
constituting a SAE can de-anonymize or disclose the content of an allegation
without a sufficient number of matching allegations (even in collusion with any
number of other allegers). Once a sufficient number of matching allegations
exist, the join escrow discloses the allegation with the allegers' identities.
We describe how SAEs can be constructed using a novel authentication protocol
and a novel allegation matching and bucketing algorithm, provide formal proofs
of the security of our constructions, and evaluate a prototype implementation,
demonstrating feasibility in practice.Comment: To appear in NDSS 2020. New version includes improvements to writing
and proof. The protocol is unchange
Ideal Tightly Couple (t,m,n) Secret Sharing
As a fundamental cryptographic tool, (t,n)-threshold secret sharing
((t,n)-SS) divides a secret among n shareholders and requires at least t,
(t<=n), of them to reconstruct the secret. Ideal (t,n)-SSs are most desirable
in security and efficiency among basic (t,n)-SSs. However, an adversary, even
without any valid share, may mount Illegal Participant (IP) attack or
t/2-Private Channel Cracking (t/2-PCC) attack to obtain the secret in most
(t,n)-SSs.To secure ideal (t,n)-SSs against the 2 attacks, 1) the paper
introduces the notion of Ideal Tightly cOupled (t,m,n) Secret Sharing (or
(t,m,n)-ITOSS ) to thwart IP attack without Verifiable SS; (t,m,n)-ITOSS binds
all m, (m>=t), participants into a tightly coupled group and requires all
participants to be legal shareholders before recovering the secret. 2) As an
example, the paper presents a polynomial-based (t,m,n)-ITOSS scheme, in which
the proposed k-round Random Number Selection (RNS) guarantees that adversaries
have to crack at least symmetrical private channels among participants before
obtaining the secret. Therefore, k-round RNS enhances the robustness of
(t,m,n)-ITOSS against t/2-PCC attack to the utmost. 3) The paper finally
presents a generalized method of converting an ideal (t,n)-SS into a
(t,m,n)-ITOSS, which helps an ideal (t,n)-SS substantially improve the
robustness against the above 2 attacks
- …