Abstract
Secret sharing schemes with general monotone access structures have been widely discussed in the literature. But in some scenarios, non-monotone access structures may have more practical significance. In this paper, we shed a new light on secret sharing schemes realizing general (not necessarily monotone) access structures. Based on an attack model for secret sharing schemes with general access structures, we redefine perfect secret sharing schemes, which is a generalization of the known concept of perfect secret sharing schemes with monotone access structures. Then, we provide for the first time two constructions of perfect secret sharing schemes with general access structures. The first construction can be seen as a democratic scheme in the sense that the shares are generated by the players themselves. Our second construction significantly enhances the efficiency of the system, where the shares are distributed by the trusted center (TC).
This work is supported by the National Key Basic Research Program of China under Grant 2013CB834204. Due to the limited pages, a full version of this paper is available in [24].
Notes
1. A formal proof of this lemma is provided in a full version of this paper [24].
References
Beimel, A.: Secret-sharing schemes: a survey. In: Chee, Y.M., Guo, Z., Ling, S., Shao, F., Tang, Y., Wang, H., Xing, C. (eds.) IWCC 2011. LNCS, vol. 6639, pp. 11–46. Springer, Heidelberg (2011)
Benaloh, J.C., Leichter, J.: Generalized secret sharing and monotone functions. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 27–35. Springer, Heidelberg (1990)
Benaloh, J.: General linear secret sharing (extended abstract). http://research.microsoft.com/pubs/68477/glss.ps
Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, pp. 1–10. ACM, New York (1988)
Blakley, G.R.: Safeguarding cryptographic keys. In: Proceedings of the National Computer Conference, pp. 313–317. AFIPS Press, New York (1979)
Blakley, G.R., Kabatianskii, G.A.: Linear algebra approach to secret sharing schemes. In: Chmora, A., Wicker, S.B. (eds.) Workshop on Information Protection. LNCS, vol. 829, pp. 33–40. Springer, Heidelberg (1994)
Brickell, E.F.: Some ideal secret sharing schemes. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 468–475. Springer, Heidelberg (1990)
Brickell, E.F., Stinson, D.R.: Some improved bounds on the information rate of perfect secret sharing schemes. J. Cryptol. 5(3), 153–166 (1992)
Camion, P., Canteaut, A.: Construction of \(t\)-resilient functions over a finite alphabet. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 283–293. Springer, Heidelberg (1996)
Camion, P., Canteaut, A.: Correlation-immune and resilient functions over a finite alphabet and their applications in cryptography. Des. Codes Crypt. 16(2), 121–149 (1995)
Carlet, C.: More correlation-immune and resilient functions over Galois fields and Galois rings. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 422–433. Springer, Heidelberg (1997)
Carlet, C., Ding, C., Yuan, J.: Linear codes from perfect nonlinear mappings and their secret sharing schemes. IEEE Trans. Inf. Theory 51(6), 2089–2102 (2005)
Carpentieri, M.: A perfect threshold secret sharing scheme to identify cheaters. Des. Codes Crypt. 5(3), 183–186 (1995)
Cramer, R., Damgård, I.B., Maurer, U.M.: General secure multi-party computation from any linear secret-sharing scheme. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 316–334. Springer, Heidelberg (2000)
Cramer, R., Damgård, I., Nielsen, J.B.: Secure Multiparty Computation and Secret Sharing: An Information Theoretic Approach. https://users-cs.au.dk/jbn/mpc-book.pdf
Cohen, G.D., Mesnager, S., Patey, A.: On minimal and quasi-minimal linear codes. In: Stam, M. (ed.) IMACC 2013. LNCS, vol. 8308, pp. 85–98. Springer, Heidelberg (2013)
Ding, C., Pei, D., Salomaa, A.: Chinese Remainder Theorem: Applications in Computing, Coding, Cryptography. World Scientific Publishing Co. Pte. Ltd., Singapore (1996)
Ding, K., Ding, C.: A class of two-weight and three-weight codes and their applications in secret sharing. IEEE Trans. Inf. Theory 61(11), 5835–5842 (2015)
Gopalakrishnan, K., Stinson, D.R.: Three characterizations of non-binary correlation-immune and resilient functions. Des. Codes Crypt. 5(3), 241–251 (1995)
Gupta, K.C., Sarkar, P.: Improved construction of nonlinear resilient S-boxes. IEEE Trans. Inf. Theor. 51(1), 339–348 (2005)
Ito, M., Saito, A., Nishizeki, T.: Secret sharing schemes realizing general access structure. Electron. Comm. Jpn. Pt. III 72(9), 56–64 (1989)
Karchmer, M., Wigderson, A.: On span programs. In: Proceedings of the 8th IEEE Structure in Complexity Theory, pp. 102–111. IEEE (1993)
Lee, C.-Y., Wang, Z.-H., Harn, L., Chang, C.-C.: Secure key transfer protocol based on secret sharing for group communications. IEICE Trans. Inf. Syst. E94–D(11), 2069–2076 (2011)
Liu, J., Mesnager, S., Chen, L.: Secret sharing schemes with general access structures (full version). Cryptology ePrint Archive, Report 2015/1139 (2015). https://eprint.iacr.org/2015/1139
Massey, J.: Minimal codewords and secret sharing. In: Proceedings of the 6th Joint Swedish-Russian International Workshop on Information Theory, pp. 276–279 (1993)
McEliece, R.J., Sarwate, D.V.: On sharing secrets and Reed-Solomon codes. Commun. ACM 24(9), 583–584 (1981)
Pieprzyk, J., Zhang, X.-M.: Ideal threshold schemes from MDS codes. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 253–263. Springer, Heidelberg (2003)
Pless, V., Brualdi, R.A., Huffman, W.C.: Handbook of Coding Theory. Elsevier Science Inc., New York (1998)
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Stinson, D.R.: Cryptography: Theory and Practice, 3rd edn. CRC Press, Boca Raton (2006)
Stinson, D.R.: Combinatorial Designs: Construction and Analysis. Springer, New York (2004)
Yao, A.C.: Protocols for secure computations. In: Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, pp. 160–164. IEEE (1982)
Zhang, J., Li, X., Fu, F.-W.: Multi-receiver authentication scheme for multiple messages based on linear codes. In: Huang, X., Zhou, J. (eds.) ISPEC 2014. LNCS, vol. 8434, pp. 287–301. Springer, Heidelberg (2014)
Zhang, X.-M., Zheng, Y.: Cryptographically resilient functions. IEEE Trans. Inf. Theor. 43(5), 1740–1747 (1997)
Appendix: An Example of Secret Sharing Scheme II
We illustrate Secret Sharing Scheme II by the following example, where the q-ary function F is constructed by Construction III in Table 5.
Example 1
Let \(\mathcal {P}=\{\mathrm {P}_1,\mathrm {P}_2,\mathrm {P}_3,\mathrm {P}_4\}\) and \(\varGamma =\{A_1=\{\mathrm {P}_1,\mathrm {P}_2,\mathrm {P}_3\},A_2=\{\mathrm {P}_1,\mathrm {P}_2,\mathrm {P}_4\},A_3=\{\mathrm {P}_3,\mathrm {P}_4\}, A_4=\{\mathrm {P}_1,\mathrm {P}_2,\mathrm {P}_3,\mathrm {P}_4\}\}\). The set of secret keys is \(\mathcal {\mathbf {K}}=\mathbb {F}_8^*=\{1,\alpha ,\alpha ^2,\ldots ,\alpha ^6\}\), where \(\alpha \) is a primitive element of \(\mathbb {F}_8\). Suppose that TC wants to share \(k=\alpha ^5\) as the secret key. Following Construction III, TC defines \(\phi : \mathbb {F}_8^*\rightarrow \mathbb {F}_{7}\) as \(\phi (\gamma )=\log _{\alpha }\gamma \), which means that if \(\gamma =\alpha ^a\in \mathbb {F}_8^*\) for some integer a, then \(\log _{\alpha }\gamma =a\). For the access structure \(\varGamma \), TC chooses
as the 7-ary linear resilient functions (see [9] for more details). After that, TC computes and secretly transmits the shares
to \(\mathrm {P}_1\), \(\mathrm {P}_2\), \(\mathrm {P}_3\), \(\mathrm {P}_4\) respectively. From (23), the 8-ary function F is defined as
where \(x\in \mathbb {F}_8^4\), \(\tilde{x}\) denotes the vector obtained by deleting all the zero coordinates of x, and for every forbidden group \(A\in \varDelta = 2^{\mathcal {P}}\setminus \varGamma \), \(F|_A=0\). Finally, TC publishes \(F(x)=(1-x_4^7)x_1^2x_2^3x_3+(1-x_3^7)x_1x_2^2x_4^3+(1-x_1^7)(1-x_2^7)x_3^2x_4^4+\alpha x_1x_2x_3x_4=x_3^2x_4^4\,+\,x_1^2x_2^3x_3\,+\,x_1x_2^2x_4^3\,-\,x_1^7x_3^2x_4^4\,-\,x_2^7x_3^2x_4^4\,+\,\alpha x_1x_2x_3x_4\,-\,x_1^2x_2^3x_3x_4^7\,-\,x_1x_2^2x_3^7x_4^3\,+\,x_1^7x_2^7x_3^2x_4^4.\)
Due to Theorem 4, this secret sharing scheme is perfect. In fact, assume that the players in the forbidden group \(B=\{\mathrm {P}_1,\mathrm {P}_3,\mathrm {P}_4\}\in \varDelta \) are collaborating to reconstruct the secret key. Their recovery algorithm defined in (15) is \(f_B(x_1,x_3,x_4)=(1-x_1^7)x_3^2x_4^4\), which equals 0 for any \((x_1,x_3,x_4)\in (\mathbb {F}_8^*)^3\). Suppose that they try to use the recovery algorithms
which are functions defined on \((\mathbb {F}_8^*)^3\), \((\mathbb {F}_8^*)^3\), and \((\mathbb {F}_8^*)^4\) respectively. For the players \(\mathrm {P}_1\), \(\mathrm {P}_3\), and \(\mathrm {P}_4\), the values of \(s_2^{(A_1)}\), \(s_2^{(A_2)}\), and \(s_2^{(A_4)}\) are unknown random values, thus according to (21), the secret key can be guessed correctly with probability \(1/|\mathcal {\mathbf {K}}|\), i.e., the players in B can learn nothing about the secret key. Similar discussion holds for other forbidden groups.
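The vanishing property \(F|_A=0\) for forbidden groups can be checked mechanically from the published F alone, without the shares. The following added example (not code from the paper) evaluates F over \(\mathbb {F}_8\) and confirms that the factored and expanded forms agree and that F is identically zero exactly on the groups outside \(\varGamma \). It assumes \(\mathbb {F}_8=\mathbb {F}_2[x]/(x^3+x+1)\) with \(\alpha =x\), since the page does not fix a representation; all function names are illustrative.

```python
from itertools import combinations, product

# Assumption (not on the page): F_8 = F_2[x]/(x^3+x+1), elements are 3-bit ints, alpha = x.
MOD, ALPHA = 0b1011, 0b010
GAMMA = {frozenset(a) for a in ({1, 2, 3}, {1, 2, 4}, {3, 4}, {1, 2, 3, 4})}
# The nine monomials of the expanded F as (exponents of x1..x4, coefficient);
# signs vanish because -1 = 1 in characteristic 2.
EXPANDED = [((0, 0, 2, 4), 1), ((2, 3, 1, 0), 1), ((1, 2, 0, 3), 1),
            ((7, 0, 2, 4), 1), ((0, 7, 2, 4), 1), ((1, 1, 1, 1), ALPHA),
            ((2, 3, 1, 7), 1), ((1, 2, 7, 3), 1), ((7, 7, 2, 4), 1)]

def mul(a, b):
    """Product in F_8: carry-less multiply reduced modulo x^3+x+1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = a << 1, b >> 1
        if a & 0b1000:
            a ^= MOD
    return r

def mono(x, exps, coeff=1):
    """coeff * x1^e1 * x2^e2 * ... in F_8 (with 0^0 = 1)."""
    for xi, e in zip(x, exps):
        for _ in range(e):
            coeff = mul(coeff, xi)
    return coeff

def F_factored(x):
    zero = [1 ^ mono((v,), (7,)) for v in x]   # 1 - v^7: 1 if v == 0, else 0
    return (mul(zero[3], mono(x, (2, 3, 1, 0))) ^ mul(zero[2], mono(x, (1, 2, 0, 3)))
            ^ mul(mul(zero[0], zero[1]), mono(x, (0, 0, 2, 4))) ^ mono(x, (1, 1, 1, 1), ALPHA))

def F_expanded(x):
    r = 0
    for exps, c in EXPANDED:
        r ^= mono(x, exps, c)
    return r

def vanishes_on(group):
    """True if F = 0 for every input that is nonzero exactly on `group`."""
    idx = sorted(group)
    return all(F_factored([vals[idx.index(i)] if i in group else 0 for i in (1, 2, 3, 4)]) == 0
               for vals in product(range(1, 8), repeat=len(idx)))

def check():
    groups = {frozenset(c) for r in range(1, 5) for c in combinations((1, 2, 3, 4), r)}
    forms_agree = all(F_factored(x) == F_expanded(x) for x in product(range(8), repeat=4))
    return forms_agree, {g for g in groups if vanishes_on(g)} == groups - GAMMA

if __name__ == "__main__":
    print(check())
```

The result does not depend on the assumed field representation: the factors \(1-x_i^7\) act as indicators of \(x_i=0\) in any representation of \(\mathbb {F}_8\), because every nonzero element satisfies \(x^7=1\).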
Moreover, it is clear that the information rate of this scheme is
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Liu, J., Mesnager, S., Chen, L. (2016). Secret Sharing Schemes with General Access Structures. In: Lin, D., Wang, X., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2015. Lecture Notes in Computer Science, vol 9589. Springer, Cham. https://doi.org/10.1007/978-3-319-38898-4_20
DOI: https://doi.org/10.1007/978-3-319-38898-4_20
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-38897-7
Online ISBN: 978-3-319-38898-4
eBook Packages: Computer Science, Computer Science (R0)