5 research outputs found
Communication Efficient Secret Sharing
A secret sharing scheme is a method to store information securely and
reliably. Particularly, in a threshold secret sharing scheme, a secret is
encoded into shares, such that any set of at least shares suffice to
decode the secret, and any set of at most shares reveal no
information about the secret. Assuming that each party holds a share and a user
wishes to decode the secret by receiving information from a set of parties; the
question we study is how to minimize the amount of communication between the
user and the parties. We show that the necessary amount of communication,
termed "decoding bandwidth", decreases as the number of parties that
participate in decoding increases. We prove a tight lower bound on the decoding
bandwidth, and construct secret sharing schemes achieving the bound.
Particularly, we design a scheme that achieves the optimal decoding bandwidth
when parties participate in decoding, universally for all . The scheme is based on Shamir's secret sharing scheme and preserves its
simplicity and efficiency. In addition, we consider secure distributed storage
where the proposed communication efficient secret sharing schemes further
improve disk access complexity during decoding.
Comment: submitted to the IEEE Transactions on Information Theory. New
references and a new construction adde
Communication Efficient Secret Sharing in the Presence of Malicious Adversary
Consider the communication efficient secret sharing problem. A dealer wants
to share a secret with parties such that any parties can
reconstruct the secret and any parties eavesdropping on their shares
obtain no information about the secret. In addition, a legitimate user
contacting any , , parties to decode the secret can do so by
reading and downloading the minimum amount of information needed. We are
interested in communication efficient secret sharing schemes that tolerate the
presence of malicious parties actively corrupting their shares and the data
delivered to the users. The knowledge of the malicious parties about the secret
is restricted to the shares they obtain. We characterize the capacity, i.e.
maximum size of the secret that can be shared. We derive the minimum amount of
information needed to be read and communicated to a legitimate user to
decode the secret from parties, . Error-correcting codes do
not achieve capacity in this setting. We construct codes that achieve capacity
and achieve minimum read and communication costs for all possible values of
. Our codes are based on Staircase codes, previously introduced for
communication efficient secret sharing, and on the use of a pairwise hashing
scheme used in distributed data storage and network coding settings to detect
errors inserted by a limited knowledge adversary.
Comment: Extended version of a paper submitted to ISIT 202
Storage Codes with Flexible Number of Nodes
This paper presents flexible storage codes, a class of error-correcting codes
that can recover information from a flexible number of storage nodes. As a
result, one can make better use of the available storage nodes in the
presence of unpredictable node failures and reduce the data access latency. Let
us assume a storage system encodes information symbols over a finite
field into nodes, each of size symbols. The code is
parameterized by a set of tuples ,
satisfying and , such that the information symbols can be reconstructed from any
nodes, each node accessing symbols. In other words, the code
allows a flexible number of nodes for decoding to accommodate the variance in
the data access time of the nodes. Code constructions are presented for
different storage scenarios, including LRC (locally recoverable) codes, PMDS
(partial MDS) codes, and MSR (minimum storage regenerating) codes. We analyze
the latency of accessing information and perform simulations on Amazon clusters
to show the efficiency of presented codes
Threshold changeable secret sharing schemes revisited
This paper studies the methods for changing thresholds in the absence of secure channels after the setup of threshold secret sharing schemes. First, we construct a perfect (t,n) threshold scheme that is threshold changeable to t′>t, which is optimal with respect to the share size. This improves the scheme of Wang and Wong by relaxing the requirement from q≥n+v to q>n with the secret-domain F_q^v. But these threshold changeable schemes along with most previously known schemes turn out to be insecure under the collusion attack of players holding initial shares. By adding a broadcast enforcement term we enhance the model with collusion security and N options of threshold change. Then we construct a computationally secure scheme under the enhanced model, which involves much shorter shares and broadcast messages than the perfect schemes. Finally, we discuss how to realize the enrollment and disenrollment of players, and particularly, how to deal with L-fold changes of access policies