secret sharing through cellular automata
play

Secret Sharing through Cellular Automata Luca Mariot 1 , 2 1 - PowerPoint PPT Presentation

Apr 07, 2024 •578 likes •1.04k views

Secret Sharing through Cellular Automata Luca Mariot 1 , 2 1 Dipartimento di Informatica, Sistemistica e Comunicazione (DISCo) Universit degli Studi Milano - Bicocca luca.mariot@disco.unimib.it 2 Laboratoire dInformatique, Signaux et

  1. Secret Sharing through Cellular Automata Luca Mariot 1 , 2 1 Dipartimento di Informatica, Sistemistica e Comunicazione (DISCo) Università degli Studi Milano - Bicocca luca.mariot@disco.unimib.it 2 Laboratoire d’Informatique, Signaux et Systèmes de Sophia Antipolis (I3S) Université Nice Sophia Antipolis mariot@i3s.unice.fr May 24, 2016

  2. One-Dimensional Cellular Automata (CA) Definition One-dimensional cellular automaton: triple � n , r , f � where n ∈ N is the number of cells arranged on a one-dimensional array, r ∈ N is the radius and f : { 0 , 1 } 2 r + 1 → { 0 , 1 } is the local rule. Luca Mariot Secret Sharing through Cellular Automata

  3. One-Dimensional Cellular Automata (CA) Definition One-dimensional cellular automaton: triple � n , r , f � where n ∈ N is the number of cells arranged on a one-dimensional array, r ∈ N is the radius and f : { 0 , 1 } 2 r + 1 → { 0 , 1 } is the local rule. Example: n = 8, r = 1, f ( s i − 1 , s i , s i + 1 ) = s i − 1 ⊕ s i ⊕ s i + 1 (Rule 150) ··· 0 ··· 0 1 1 0 1 0 0 0 0 1 0 1 ⇓ Parallel update Global rule F ↓ f ( 1 , 1 , 0 ) = 1 ⊕ 1 ⊕ 0 0 1 0 0 1 1 0 Luca Mariot Secret Sharing through Cellular Automata

  4. One-Dimensional Cellular Automata (CA) Definition One-dimensional cellular automaton: triple � n , r , f � where n ∈ N is the number of cells arranged on a one-dimensional array, r ∈ N is the radius and f : { 0 , 1 } 2 r + 1 → { 0 , 1 } is the local rule. Example: n = 8, r = 1, f ( s i − 1 , s i , s i + 1 ) = s i − 1 ⊕ s i ⊕ s i + 1 (Rule 150) ··· 0 ··· 0 1 1 0 1 0 0 0 0 1 0 1 ⇓ Parallel update Global rule F ↓ f ( 1 , 1 , 0 ) = 1 ⊕ 1 ⊕ 0 0 1 0 0 1 1 0 Remark : No boundary conditions ⇒ The array “shrinks” Luca Mariot Secret Sharing through Cellular Automata

  5. Secret Sharing Schemes (SSS) ◮ Secret sharing scheme: a procedure enabling a dealer to share a secret S among a set P of n players ◮ In ( k , n ) threshold schemes, at least k players out of n are required to recover S Luca Mariot Secret Sharing through Cellular Automata

  6. Secret Sharing Schemes (SSS) ◮ Secret sharing scheme: a procedure enabling a dealer to share a secret S among a set P of n players ◮ In ( k , n ) threshold schemes, at least k players out of n are required to recover S Example: ( 2 , 3 ) –scheme Setup Recovery B 1 P 1 P 1 B 1 S B 2 P 2 P 2 B 2 S S S B 3 P 3 P 3 B 3 Luca Mariot Secret Sharing through Cellular Automata

  7. Bipermutive Rules ◮ Rule f : { 0 , 1 } 2 r + 1 → { 0 , 1 } is called bipermutive if there exists g : { 0 , 1 } 2 r − 1 → { 0 , 1 } such that: f ( x 1 , x 2 , ··· , x 2 r , x 2 r + 1 ) = x 1 ⊕ g ( x 2 , ··· , x 2 r ) ⊕ x 2 r + 1 Luca Mariot Secret Sharing through Cellular Automata

  8. Bipermutive Rules ◮ Rule f : { 0 , 1 } 2 r + 1 → { 0 , 1 } is called bipermutive if there exists g : { 0 , 1 } 2 r − 1 → { 0 , 1 } such that: f ( x 1 , x 2 , ··· , x 2 r , x 2 r + 1 ) = x 1 ⊕ g ( x 2 , ··· , x 2 r ) ⊕ x 2 r + 1 ◮ A preimage p ∈ { 0 , 1 } m + 2 r of c ∈ { 0 , 1 } m is uniquely determined by a block of 2 r cells Luca Mariot Secret Sharing through Cellular Automata

  9. Bipermutive Rules ◮ Rule f : { 0 , 1 } 2 r + 1 → { 0 , 1 } is called bipermutive if there exists g : { 0 , 1 } 2 r − 1 → { 0 , 1 } such that: f ( x 1 , x 2 , ··· , x 2 r , x 2 r + 1 ) = x 1 ⊕ g ( x 2 , ··· , x 2 r ) ⊕ x 2 r + 1 ◮ A preimage p ∈ { 0 , 1 } m + 2 r of c ∈ { 0 , 1 } m is uniquely determined by a block of 2 r cells p = p = ? ? ? ? 0 1 ? ? 1 0 0 0 0 1 0 1 c = c = 1 0 0 1 1 0 1 0 0 1 1 0 (a) Initialization (b) Complete preimage Figure : Example with bipermutive rule 150 Luca Mariot Secret Sharing through Cellular Automata

  10. Basic ( n , n ) Secret Sharing Scheme - Setup Phase 1. The dealer D sets the secret S as an m -bit configuration of a CA, and selects a bipermutive rule of radius r such that 2 r | m t = 0 S Luca Mariot Secret Sharing through Cellular Automata

  11. Basic ( n , n ) Secret Sharing Scheme - Setup Phase 2. D evolves the CA backwards for T = m ( n − 1 ) / 2 r iterations, randomly choosing an initial 2 r -bit block at each step ← → w 1 t = 1 t = 0 S Luca Mariot Secret Sharing through Cellular Automata

  12. Basic ( n , n ) Secret Sharing Scheme - Setup Phase 2. D evolves the CA backwards for T = m ( n − 1 ) / 2 r iterations, randomly choosing an initial 2 r -bit block at each step ← → w 2 t = 2 ← → w 1 t = 1 t = 0 S Luca Mariot Secret Sharing through Cellular Automata

  13. Basic ( n , n ) Secret Sharing Scheme - Setup Phase 3. After T = m ( n − 1 ) / 2 r iterations, the dealer splits the resulting preimage in n blocks of m bits ··· B 1 B n t = T ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ← → w 2 t = 2 ← → w 1 t = 1 t = 0 S Luca Mariot Secret Sharing through Cellular Automata

  14. Basic ( n , n ) Secret Sharing Scheme - Setup Phase 4. D securely sends one block to each player and publishes the bipermutive rule used P 1 P n ↑ ↑ ··· B 1 B n t = T ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ← → w 2 t = 2 ← → w 1 t = 1 t = 0 S Luca Mariot Secret Sharing through Cellular Automata

  15. Basic ( n , n ) Secret Sharing Scheme - Recovery Phase 1. The n players pool their shares in the correct order to get the complete preimage of the CA P 1 P n ↓ ↓ ··· B 1 B n t = 0 Luca Mariot Secret Sharing through Cellular Automata

  16. Basic ( n , n ) Secret Sharing Scheme - Recovery Phase 2. The players evolve the CA forward, using the local rule published by the dealer P 1 P n ↓ ↓ ··· B 1 B n t = 0 t = 1 Luca Mariot Secret Sharing through Cellular Automata

  17. Basic ( n , n ) Secret Sharing Scheme - Recovery Phase 2. The players evolve the CA forward, using the local rule published by the dealer P 1 P n ↓ ↓ ··· B 1 B n t = 0 t = 1 t = 2 Luca Mariot Secret Sharing through Cellular Automata

  18. Basic ( n , n ) Secret Sharing Scheme - Recovery Phase 3. The configuration obtained after T = m ( n − 1 ) / 2 r iterations is the secret S . P 1 P n ↓ ↓ ··· B 1 B n t = 0 t = 1 t = 2 ··· ··· ··· ··· ··· ··· ··· ··· t = T S Luca Mariot Secret Sharing through Cellular Automata

  19. Secret Juxtaposition (1/4) 1. Append a copy of the secret S to the right of the final CA image P 1 P k ↑ ↑ ··· B 1 B k ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· S S Luca Mariot Secret Sharing through Cellular Automata

  20. Secret Juxtaposition (2/4) 2. Update the preimages by completing them rightwards (note that it is not necessary to pick extra random bits) P 1 P k ↑ ↑ ··· B 1 B k ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· → S S Luca Mariot Secret Sharing through Cellular Automata

  21. Secret Juxtaposition (3/4) 2. Update the preimages by completing them rightwards (note that it is not necessary to pick extra random bits) P 1 P k ↑ ↑ ··· B 1 B k ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· → → S S Luca Mariot Secret Sharing through Cellular Automata

  22. Secret Juxtaposition (4/4) 3. The last preimage contains an additional block for the new player. The sets { P 1 , ··· , P k } and { P 2 , ··· , P k + 1 } can recover S P 1 P k P k + 1 ↑ ↑ ↑ → ··· B 1 B k B k + 1 ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· ··· → → S S Luca Mariot Secret Sharing through Cellular Automata

  23. Access Structure of the Scheme ◮ ( k , n ) -sequential threshold: at least k consecutive shares are necessary to recover the secret ◮ By continuing to append copies of the secret, the shares will eventually repeat ⇒ cyclic access structure Luca Mariot Secret Sharing through Cellular Automata

  24. Access Structure of the Scheme ◮ ( k , n ) -sequential threshold: at least k consecutive shares are necessary to recover the secret ◮ By continuing to append copies of the secret, the shares will eventually repeat ⇒ cyclic access structure ··· w w B B ··· S S S h ≤ 2 2 r Luca Mariot Secret Sharing through Cellular Automata

  25. Access Structure of the Scheme ◮ ( k , n ) -sequential threshold: at least k consecutive shares are necessary to recover the secret ◮ By continuing to append copies of the secret, the shares will eventually repeat ⇒ cyclic access structure ··· w w B B ··· S S S h ≤ 2 2 r What about real threshold schemes with CA? Luca Mariot Secret Sharing through Cellular Automata

  26. A Different Angle: Latin Squares Definition A Latin square of order N is a N × N matrix L from such that every row and every column are permutations of [ N ] = { 1 , ··· , N } 1 3 4 2 4 2 1 3 3 2 4 1 3 1 2 4 Luca Mariot Secret Sharing through Cellular Automata

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing Constructions Moir Cryptography Issues Secret Sharing Secret Sharing Threshold Secret Sharing (Shamir, Blakely 1979) Motivation

1.32k views • 62 slides
Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last

Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last

Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last time (n,t) secret-sharing (n,n) via additive secret-sharing Shamir secret-sharing for general (n,t) Shamir secret-sharing is a linear

611 views • 14 slides
Conways Game of Life has been extensively studied as a model for real-world processes, to

Conways Game of Life has been extensively studied as a model for real-world processes, to

E VOLUTION OF C ELLULAR A UTOMATA M ACHINES Alan Fedoruk March 11, 2003 Evolution of Cellular Automata Machines I NTRODUCTION Exploring the use genetic algorithms to evolve rules to program cellular automata Cellular Automata (CA) have been

229 views • 22 slides
Cellular Automata Mus270C Cellular Automata Discrete Dynamical

Cellular Automata Mus270C Cellular Automata Discrete Dynamical

Cellular Automata Mus270C Cellular Automata Discrete Dynamical System Space and 9me Dimension 1-D, 2-D, States Neighborhood and

497 views • 31 slides
Robots & Cellular Julius Mayer Automata Table of Contents Cellular Automata

Robots & Cellular Julius Mayer Automata Table of Contents Cellular Automata

Integrated Seminar: Intelligent Robotics Robots & Cellular Julius Mayer Automata Table of Contents Cellular Automata Introduction 3 Update Rule

523 views • 14 slides
Homomorphic Secret Sharing II Homomorphic Secret Sharing for Branching Programs Under DDH Ele:e

Homomorphic Secret Sharing II Homomorphic Secret Sharing for Branching Programs Under DDH Ele:e

Homomorphic Secret Sharing II Homomorphic Secret Sharing for Branching Programs Under DDH Ele:e Boyle Niv Gilboa Yuval Ishai IDC BGU Technion & UCLA Secure ComputaGon Approaches Classical

342 views • 33 slides
Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp.

Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp.

Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp. 612613 Eli Biham - May 3, 2005 c 497 Secret Sharing (17) How to Keep a Secret Key Securely Information can be secured by encryption under a

597 views • 23 slides
Breaking the Circuit-Size Barrier in Secret Sharing Tianren Liu Vinod Vaikuntanathan MIT MIT

Breaking the Circuit-Size Barrier in Secret Sharing Tianren Liu Vinod Vaikuntanathan MIT MIT

Breaking the Circuit-Size Barrier in Secret Sharing Tianren Liu Vinod Vaikuntanathan MIT MIT 50th ACM Symposium on Theory of Computing June 27, 2018 Secret Sharing [Blakley79,Shamir79,Ito-Saito-Nishizeki87] Secret Secret Sharing

790 views • 75 slides
Secret Sharing Using Non-Commutative Groups Bren Cavallo The Graduate Center, CUNY 5/30/2013

Secret Sharing Using Non-Commutative Groups Bren Cavallo The Graduate Center, CUNY 5/30/2013

Secret Sharing Using Non-Commutative Groups Bren Cavallo The Graduate Center, CUNY 5/30/2013 Outline 1. Introduction 2. Shamir Secret Sharing and Habeeb-Kahrobaei-Shpilrain secret sharing 3. Adjustments to HKS secret sharing and analysis

444 views • 27 slides
Nature-Based Problems in Cellular Automata Martin Kutrib Institut f ur Informatik,

Nature-Based Problems in Cellular Automata Martin Kutrib Institut f ur Informatik,

Nature-Based Problems in Cellular Automata Martin Kutrib Institut f ur Informatik, Universit at Giessen Overview The Dawn of Cellular Automata The French Flag Problem Synchronization of Growing Arrays Oblivious Cellular

854 views • 64 slides
Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is it? Any one of you knows nothing! Any two of you can figure it out! Example Applications: Nuclear launch: need at least 3 out of 5 people to

513 views • 23 slides
Homomorphic Secret Sharing for Low Degree Polynomials Russell W. F. Lai, Giulio Malavolta , and

Homomorphic Secret Sharing for Low Degree Polynomials Russell W. F. Lai, Giulio Malavolta , and

Homomorphic Secret Sharing for Low Degree Polynomials Russell W. F. Lai, Giulio Malavolta , and Dominique Schrder Friedrich-Alexander University Erlangen-Nrnberg Homomorphic Secret Sharing A secret-sharing scheme allows a client to share his

247 views • 14 slides
Asymptotic Density of Properties in Cellular Automata Laurent Boyer equipe LIMD, LAMA

Asymptotic Density of Properties in Cellular Automata Laurent Boyer equipe LIMD, LAMA

Asymptotic Density of Properties in Cellular Automata Laurent Boyer equipe LIMD, LAMA (Universit e de Savoie CNRS) LIPN 15 mars 2011 1/32 Density of Properties in Cellular Automata Cellular Automata Introduction Limit

1.44k views • 142 slides
Towards Breaking the Exponential Barrier for General Secret Sharing Tianren Liu Vinod

Towards Breaking the Exponential Barrier for General Secret Sharing Tianren Liu Vinod

Towards Breaking the Exponential Barrier for General Secret Sharing Tianren Liu Vinod Vaikuntanathan Hoeteck Wee MIT MIT CNRS and ENS May 6, 2018 Secret Sharing [Blakley79,Shamir79,Ito-Saito-Nishizeki87] Secret s { 0 , 1 }

1.02k views • 85 slides
{ Formally, we can characterize the 2D Moore neighbourhood c i ( t+ 1) = N ij ( r ) of radius r in

{ Formally, we can characterize the 2D Moore neighbourhood c i ( t+ 1) = N ij ( r ) of radius r in

Two-Dimensional Cellular Automata 2 Christian Jacob, University of Calgary Two-dimensional CA Neighbourhoods Totalistic Cellular Automata Consider the following 1D CA rule: 111 110 101

285 views • 11 slides
CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom

CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom

CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom Austin San Jos State University Secret Sharing: Motivation Goal: make secret available, but make it hard to peek. Divide secret among

731 views • 48 slides
Comparison of Many Categories in Small-Multiple Displays J. Kehrer 1,2 , H. Piringer 2 , W. Berger

Comparison of Many Categories in Small-Multiple Displays J. Kehrer 1,2 , H. Piringer 2 , W. Berger

A Model for Structure-based Comparison of Many Categories in Small-Multiple Displays J. Kehrer 1,2 , H. Piringer 2 , W. Berger 2 , M. E. Grller 1 1 Institute of Computer Graphics & Algorithms, Vienna University of Technology, Austria 2

216 views • 20 slides
Week 4: Tamara on travel Thu Oct 6 - Mon Oct 10 Todays format Manipulate, Facet,

Week 4: Tamara on travel Thu Oct 6 - Mon Oct 10 Todays format Manipulate, Facet,

Whereabouts News Caitlin on travel this week and next week Assign 2 marks not out yet dont expect email answers until she returns; email Tamara instead! stay tuned, just got back from Stanford late last night Week 4:

328 views • 4 slides
Prose What You Should Already Know h s a p g r r a P a i n e n t t W r i Types

Prose What You Should Already Know h s a p g r r a P a i n e n t t W r i Types

Prose What You Should Already Know h s a p g r r a P a i n e n t t W r i Types of Prose Nonfiction (based on fact rather than on the imagination, although may can contain fictional elements) -essay, biography, letter, diary,

533 views • 25 slides
Exploring Visual Comparison of Multivariate Runtime Statistics Hagen Tarner, Veit Frick, Martin

Exploring Visual Comparison of Multivariate Runtime Statistics Hagen Tarner, Veit Frick, Martin

9TH SYMPOSIUM ON SOFTWARE PERFORMANCE 2018 Exploring Visual Comparison of Multivariate Runtime Statistics Hagen Tarner, Veit Frick, Martin Pinzger, and Fabian Beck Motivation Performance data is multivariate VIS o ff ers techniques for this

400 views • 29 slides
Facet into Mul-ple Views Facet Facet = Split

Facet into Mul-ple Views Facet Facet = Split

Facet into Mul-ple Views Facet Facet = Split For data sets of mul-ple a8ributes, -me-varying, and high complexity Main issues: how

540 views • 15 slides
Blending Blending Elements of two input spaces are projected into a third space, the

Blending Blending Elements of two input spaces are projected into a third space, the

Blending Blending Elements of two input spaces are projected into a third space, the blend, which contains elements of both, but is distinct from either one Non-linguistic blending Faces seen as combinations of parents

608 views • 24 slides
Week 3 recap Need to know for this course Recursion Be very comfortable with recursive

Week 3 recap Need to know for this course Recursion Be very comfortable with recursive

Week 3 recap Need to know for this course Recursion Be very comfortable with recursive definitions Recursive datatypes and functions Know how to do structural induction Induction and structural induction 1 2 Summary of topics Well-formed

754 views • 39 slides
Continued Permafrost Warming on the Arctic Slope of Alaska, 2014 Update Gary Clow USGS/INSTAAR

Continued Permafrost Warming on the Arctic Slope of Alaska, 2014 Update Gary Clow USGS/INSTAAR

Continued Permafrost Warming on the Arctic Slope of Alaska, 2014 Update Gary Clow USGS/INSTAAR Alaska Climate Divisions Bieniek et al. (2014) Statewide Air-Temperature Anomaly dT = +0.9 K 5-yr running ave Bieniek et al. (2014) Statewide

451 views • 34 slides

More recommend