ideal multipartite secret sharing schemes
play

Ideal Multipartite Secret Sharing Schemes Oriol Farrs, Jaume - PowerPoint PPT Presentation

Mar 18, 2023 •545 likes •890 views

Ideal Secret Sharing Schemes Ideal Multipartite Access Structures Ideal Multipartite Secret Sharing Schemes Oriol Farrs, Jaume Mart-Farr, Carles Padr Universitat Politcnica de Catalunya Eurocrypt 2007, Barcelona Farrs,

  1. Ideal Secret Sharing Schemes Ideal Multipartite Access Structures Ideal Multipartite Secret Sharing Schemes Oriol Farràs, Jaume Martí-Farré, Carles Padró Universitat Politècnica de Catalunya Eurocrypt 2007, Barcelona Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  2. Ideal Secret Sharing Schemes Ideal Multipartite Access Structures Plan of the Talk 1 Ideal Secret Sharing Schemes Shamir’s Secret Sharing Scheme Secret Sharing Schemes for General Access Structures Ideal Secret Sharing Schemes and Matroids 2 Ideal Multipartite Access Structures Multipartite Access Structures Necessary Conditions Sufficient Conditions Applications Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  3. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids Ideal Secret Sharing Schemes 1 Shamir’s Secret Sharing Scheme Secret Sharing Schemes for General Access Structures Ideal Secret Sharing Schemes and Matroids Ideal Multipartite Access Structures 2 Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  4. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids How to Share a Secret To share a secret value k ∈ K , take a random polynomial f ( x ) = k + a 1 x + · · · + a d − 1 x d − 1 ∈ K [ x ] and distribute the shares f ( x 1 ) , f ( x 2 ) , . . . , f ( x n ) where x i ∈ K − { 0 } is a public value associated to player p i Shamir 1979 Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  5. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids Unconditional Security Every set of d players can reconstruct the secret value from their shares by using Lagrange interpolation H ( K | S 1 . . . S d ) = 0 The shares of any d − 1 players contain no information about the value of the secret H ( K | S 1 . . . S d − 1 ) = H ( K ) Perfect ( d , n ) -threshold secret sharing scheme Access structure: Γ = { A ⊆ P : | A | ≥ d } Shamir’s scheme is ideal (Every share has the same length as the secret) Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  6. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids A Generalization What if all players are not equally important? We can consider a Weighted threshold access structure Every player can have a different weight w i ∈ Z A subset A ⊆ P is qualified if and only if � i ∈ A w i ≥ d One can take a ( d , n ) -threshold scheme with n = � i ∈ P w i Every player receives as many shares as its weight But this scheme is not ideal Shamir 1979 Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  7. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids Ideal Linear Secret Sharing Schemes Can we construct ideal secret sharing schemes for non-threshold access structures? The geometric schemes by Blakley (1979) were transformed by Brickell (1989) into a linear construction Every linear code defines an ideal linear secret sharing scheme   ↑ ↑ ↑  = ( k , s 1 , . . . , s n ) ( x 1 , . . . , x d ) π 0 π 1 · · · π n  ↓ ↓ ↓ A ∈ Γ if and only if rank ( π 0 , ( π i ) i ∈ A ) = rank (( π i ) i ∈ A ) Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  8. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids Multilevel and Compartmented Access Structures Brickell (1989) proved that there exist ideal linear secret sharing schemes for Multilevel access structures For instance, participants are divided in 3 levels A subset is qualified if and only if it contains at least 5 participants in the first level, or at least 8 participants in the first two levels, or at least 15 participants in the first three levels Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  9. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids Multilevel and Compartmented Access Structures Brickell (1989) proved that there exist ideal linear secret sharing schemes for Compartmented access structures For instance, participants are divided in 3 classes A subset is qualified if and only if it contains at least 5 participants in each class, and at least 20 participants in total Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  10. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids Multilevel and Compartmented Access Structures Brickell (1989) proved that there exist ideal linear secret sharing schemes for Multilevel access structures Compartmented access structures Other authors have proposed ideal schemes for other Multipartite access structures Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  11. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids Problems Theorem (Ito, Saito, Nishizeki 1987) There exists a secret sharing scheme for every access structure Theorem (Benaloh, Leichter 1988) There exist access structures that cannot be realized by any ideal secret sharing scheme Problem Characterize the access structures of ideal secret sharing schemes. And, more generally, Problem Find the most efficient scheme for every access structure. Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  12. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids Ideal LSSS and Matroids Let Q = { 0 , 1 , . . . , n } and P = Q − { 0 } For an ideal linear secret sharing scheme   ↑ ↑ ↑  = ( k , s 1 , . . . , s n ) ( x 1 , . . . , x d ) π 0 π 1 · · · π n  ↓ ↓ ↓ This collection of vectors defines a representable matroid ( Q , r ) For instance, from the rank function r : P ( Q ) → Z The access structure of the corresponding ideal linear SSS is Γ = Γ 0 ( M ) = { A ⊂ P : r ( A ∪ { 0 } ) = r ( A ) } min Γ = { A ⊂ P : A ∪ { 0 } is a circuit of M} Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  13. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids A Sufficient Condition Definition (matroid-related access structure) An access structure Γ on P is matroid-related if there is a matroid M on Q = P ∪ { p 0 } such that min Γ = { A ⊂ P : A ∪ { p 0 } is a circuit of M} In this case, we write Γ = Γ p 0 ( M ) Theorem (Brickell, 1989) If Γ = Γ p 0 ( M ) for some representable matroid M , then Γ admits an ideal linear secret sharing scheme Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  14. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids A Necessary Condition Definition (matroid-related access structure) An access structure Γ on P is matroid-related if there is a matroid M on Q = P ∪ { p 0 } such that min Γ = { A ⊂ P : A ∪ { p 0 } is a circuit of M} In this case, we write Γ = Γ p 0 ( M ) Theorem (Brickell, Davenport, 1991) The access structure of every ideal secret sharing scheme (linear or not) is matroid-related Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

  15. Shamir’s Secret Sharing Scheme Ideal Secret Sharing Schemes Secret Sharing Schemes for General Access Structures Ideal Multipartite Access Structures Ideal Secret Sharing Schemes and Matroids Characterizing Ideal Access Structures To characterize the matroid-related access structures To characterize the matroids that are represented by an ideal secret sharing scheme It is also interesting To study particular families of access structures To find interesting families of ideal access structures Farràs, Martí-Farré, Padró Ideal Multipartite Secret Sharing Schemes – EC 2007

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Constructing Ideal Secret Sharing Schemes based on Chinese Remainder Theorem Yu Ning, Fuyou

Constructing Ideal Secret Sharing Schemes based on Chinese Remainder Theorem Yu Ning, Fuyou

Constructing Ideal Secret Sharing Schemes based on Chinese Remainder Theorem Yu Ning, Fuyou Miao*, University of Science and Technology of China Contributions Generalization of existing CRT-based (t,n)-SS from Integer Ring to

548 views • 26 slides
On the Local Leakage Resilience of Linear Secret Sharing Schemes Linear Secret Sharing Schemes

On the Local Leakage Resilience of Linear Secret Sharing Schemes Linear Secret Sharing Schemes

On the Local Leakage Resilience of Linear Secret Sharing Schemes Linear Secret Sharing Schemes Akshay Degwekar (MIT) Joint with Fabrice Benhamouda (IBM Research), Yuval Ishai (Technion) and Tal Rabin (IBM Research) Leakage attacks can be

547 views • 30 slides
Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing Constructions Moir Cryptography Issues Secret Sharing Secret Sharing Threshold Secret Sharing (Shamir, Blakely 1979) Motivation

1.32k views • 62 slides
Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last

Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last

Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last time (n,t) secret-sharing (n,n) via additive secret-sharing Shamir secret-sharing for general (n,t) Shamir secret-sharing is a linear

611 views • 14 slides
A Latin square autotopism secret sharing scheme Talk by Rebecca J. Stones Co-authors: Ming Su,

A Latin square autotopism secret sharing scheme Talk by Rebecca J. Stones Co-authors: Ming Su,

A Latin square autotopism secret sharing scheme Talk by Rebecca J. Stones Co-authors: Ming Su, Xiaoguang Liu, Gang Wang, (Nankai University) and Sheng Lin (Tianjin University of Technology). September 12, 2014 Secret sharing schemes Secret

1.43k views • 86 slides
Robust Secret Sharing Schemes Against Local Adversaries Allison Bishop Lewko Valerio Pastro

Robust Secret Sharing Schemes Against Local Adversaries Allison Bishop Lewko Valerio Pastro

Robust Secret Sharing Schemes Against Local Adversaries Allison Bishop Lewko Valerio Pastro Columbia University April 2, 2015 Lewko, Pastro (Columbia) RSSS & Loc Advs April 2, 2015 1 / 22 Secret Sharing (Informal) (Share , Rec) pair of

505 views • 47 slides
Enforcing ideal-world leakage bounds in real-world secret sharing MPC frameworks Almeida 1 , 4

Enforcing ideal-world leakage bounds in real-world secret sharing MPC frameworks Almeida 1 , 4

Enforcing ideal-world leakage bounds in real-world secret sharing MPC frameworks Almeida 1 , 4 Barbosa 1 , 3 Barthe 2 Jos e Bacelar Manuel Gilles Hugo Pacheco 1 , 4 Vitor Pereira 1 , 3 Bernardo Portela 1 , 3 July 10, 2018 @ CSF 2018 1

282 views • 24 slides
Homomorphic Secret Sharing II Homomorphic Secret Sharing for Branching Programs Under DDH Ele:e

Homomorphic Secret Sharing II Homomorphic Secret Sharing for Branching Programs Under DDH Ele:e

Homomorphic Secret Sharing II Homomorphic Secret Sharing for Branching Programs Under DDH Ele:e Boyle Niv Gilboa Yuval Ishai IDC BGU Technion & UCLA Secure ComputaGon Approaches Classical

342 views • 33 slides
Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp.

Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp.

Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp. 612613 Eli Biham - May 3, 2005 c 497 Secret Sharing (17) How to Keep a Secret Key Securely Information can be secured by encryption under a

597 views • 23 slides
Breaking the Circuit-Size Barrier in Secret Sharing Tianren Liu Vinod Vaikuntanathan MIT MIT

Breaking the Circuit-Size Barrier in Secret Sharing Tianren Liu Vinod Vaikuntanathan MIT MIT

Breaking the Circuit-Size Barrier in Secret Sharing Tianren Liu Vinod Vaikuntanathan MIT MIT 50th ACM Symposium on Theory of Computing June 27, 2018 Secret Sharing [Blakley79,Shamir79,Ito-Saito-Nishizeki87] Secret Secret Sharing

790 views • 75 slides
Secret Sharing Using Non-Commutative Groups Bren Cavallo The Graduate Center, CUNY 5/30/2013

Secret Sharing Using Non-Commutative Groups Bren Cavallo The Graduate Center, CUNY 5/30/2013

Secret Sharing Using Non-Commutative Groups Bren Cavallo The Graduate Center, CUNY 5/30/2013 Outline 1. Introduction 2. Shamir Secret Sharing and Habeeb-Kahrobaei-Shpilrain secret sharing 3. Adjustments to HKS secret sharing and analysis

444 views • 27 slides
Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is it? Any one of you knows nothing! Any two of you can figure it out! Example Applications: Nuclear launch: need at least 3 out of 5 people to

513 views • 23 slides
Homomorphic Secret Sharing for Low Degree Polynomials Russell W. F. Lai, Giulio Malavolta , and

Homomorphic Secret Sharing for Low Degree Polynomials Russell W. F. Lai, Giulio Malavolta , and

Homomorphic Secret Sharing for Low Degree Polynomials Russell W. F. Lai, Giulio Malavolta , and Dominique Schrder Friedrich-Alexander University Erlangen-Nrnberg Homomorphic Secret Sharing A secret-sharing scheme allows a client to share his

247 views • 14 slides
Towards Breaking the Exponential Barrier for General Secret Sharing Tianren Liu Vinod

Towards Breaking the Exponential Barrier for General Secret Sharing Tianren Liu Vinod

Towards Breaking the Exponential Barrier for General Secret Sharing Tianren Liu Vinod Vaikuntanathan Hoeteck Wee MIT MIT CNRS and ENS May 6, 2018 Secret Sharing [Blakley79,Shamir79,Ito-Saito-Nishizeki87] Secret s { 0 , 1 }

1.02k views • 85 slides
CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom

CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom

CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom Austin San Jos State University Secret Sharing: Motivation Goal: make secret available, but make it hard to peek. Divide secret among

731 views • 48 slides
Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with

Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with

Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with Vipul Goyal, Raghu Meka, and Amit Sahai Secret Sharing secret s n s 1 s i Correctness: Any out of parties can

1.72k views • 144 slides
CO-AXIAL MONODROMY Alexandre Eremenko (Purdue University) www.math.purdue.edu/eremenko 2018

CO-AXIAL MONODROMY Alexandre Eremenko (Purdue University) www.math.purdue.edu/eremenko 2018

CO-AXIAL MONODROMY Alexandre Eremenko (Purdue University) www.math.purdue.edu/eremenko 2018 We consider a surface S homeomorphic to the sphere and equipped with a Riemannian metric of constant curvature 1 with finitely many conic

533 views • 20 slides
Transversal Theory and Reverse Mathematics Noah A. Hughes hughesna @ appstate.edu Appalachian

Transversal Theory and Reverse Mathematics Noah A. Hughes hughesna @ appstate.edu Appalachian

Transversal Theory and Reverse Mathematics Noah A. Hughes hughesna @ appstate.edu Appalachian State University Boone, NC Thursday, April 3, 2014 National Conference on Undergraduate Research University of Kentucky Transversals Transversals

583 views • 25 slides
Skew Schur functions: do their row overlaps determine their F -supports? Peter McNamara Bucknell

Skew Schur functions: do their row overlaps determine their F -supports? Peter McNamara Bucknell

Skew Schur functions: do their row overlaps determine their F -supports? Peter McNamara Bucknell University Stanley@70 24 June 2014 Slides and paper available from www.facstaff.bucknell.edu/pm040/ F -supports of skew Schur functions Peter

893 views • 35 slides
PROJECT INFORMATION SESSION May 14, 2020 TOPICS TO COVER Project Purpose Project

PROJECT INFORMATION SESSION May 14, 2020 TOPICS TO COVER Project Purpose Project

WETLAND & RIPARIAN INVENTORIES FOR UGB EXPANSION AREAS PROJECT INFORMATION SESSION May 14, 2020 TOPICS TO COVER Project Purpose Project Approach Who is Involved What is Needed to Make it Happen How the Project Will

581 views • 46 slides
PROPERTIES OF SOME ALGEBRAICALLY DEFINED DIGRAPHS Aleksandr Kodess, Felix Lazebnik Department of

PROPERTIES OF SOME ALGEBRAICALLY DEFINED DIGRAPHS Aleksandr Kodess, Felix Lazebnik Department of

PROPERTIES OF SOME ALGEBRAICALLY DEFINED DIGRAPHS Aleksandr Kodess, Felix Lazebnik Department of Mathematical Sciences University of Delaware Modern Trends of Algebraic Graph Theory Aleksandr Kodess, Felix Lazebnik Algebraic Digraphs What is

927 views • 54 slides
Topics in Combinatorial OPtimization Orlando Lee Unicamp 19 de mar co de 2014 Orlando Lee

Topics in Combinatorial OPtimization Orlando Lee Unicamp 19 de mar co de 2014 Orlando Lee

Topics in Combinatorial OPtimization Orlando Lee Unicamp 19 de mar co de 2014 Orlando Lee Unicamp Topics in Combinatorial OPtimization Agradecimentos Este conjunto de slides foram preparados originalmente para o curso T opicos

664 views • 40 slides
Machine Learning - MT 2017 13 Support Vector Machines II Christoph Haase University of Oxford

Machine Learning - MT 2017 13 Support Vector Machines II Christoph Haase University of Oxford

Machine Learning - MT 2017 13 Support Vector Machines II Christoph Haase University of Oxford November 6, 2017 Last Time Primal Formuation of SVM Slack variables for linearly non-separable data 1 SVM Formulation : Non-Separable Case

546 views • 29 slides
Spring term, 2019 Ling 5201 Syntax I 1: Valence, rules and proof Robert Levine Ohio State

Spring term, 2019 Ling 5201 Syntax I 1: Valence, rules and proof Robert Levine Ohio State

Spring term, 2019 Ling 5201 Syntax I 1: Valence, rules and proof Robert Levine Ohio State University levine.1@osu.edu Robert Levine 2019, 5201 (Syntax 1) 1 / 12 Where do syntactic structures come from? (1) John put this book on that table.

501 views • 12 slides

More recommend