Abstract
A threshold changeable secret sharing (TCSS) scheme is designed for changing the initial threshold pair of the privacy threshold and reconstruction threshold to a given threshold pair after the dealer distributes shares to participants, while a universal threshold changeable secret sharing (uTCSS) scheme is threshold changeable to multiple new threshold pairs. We focus on the threshold changeability in a dealer-free scenario with an outside adversary and the absence of secure channels among participants. There are some known threshold change regimes that are realized by (optimal) TCSS schemes or (optimal) uTCSS schemes. In this work, by combining the frequently used two methods in previous constructions: folding shares of a given secret sharing scheme and packing shares of multiple secret sharing schemes, we construct an optimal TCSS scheme and an optimal uTCSS scheme with a new threshold change regime, respectively. This helps us determine the full threshold change range that can be realized by optimal TCSS schemes and optimal uTCSS schemes, respectively. Moreover, we construct some near optimal TCSS schemes to show that the full threshold change range of TCSS schemes (without requiring optimality) is completely covered by the threshold change regimes of our near optimal TCSS schemes together with the full threshold change range of optimal TCSS schemes.
Similar content being viewed by others
References
Barwick S.G., Jackson W., Martin K.M.: Updating the parameters of a threshold scheme by minimal broadcast. IEEE Trans. Inf. Theory 51(2), 620–633 (2005).
Bitar R., El Rouayheb S.: Staircase codes for secret sharing with optimal communication and read overheads. In: ISIT 2016, pp. 1396–1400. IEEE, Barcelona, Spain (2016).
Bitar R., El Rouayheb S.: Staircase codes for secret sharing with optimal communication and read overheads. IEEE Trans. Inf. Theory 64(6), 4191–4206 (2018).
Blakley G.R.: Safeguarding cryptographic keys. In: Proceedings of the National Computer Conference’1979, AFIPS Proceedings, vol. 48, pp. 313–317 (1979).
Blakley G.R., Meadows C.: Security of ramp schemes. In: Advances in Cryptology-CRYPTO’1984, vol. 196, pp. 242–268. Lecture Notes in Computer Science. Springer, Berlin (1985).
Blundo C., Cresti A., De Santis A., Vaccaro U.: Fully dynamic secret sharing schemes. In: Advances in Cryptology-CRYPTO’1993, vol. 773, pp. 110–125. Lecture Notes in Computer Science. Springer, Berlin (1993).
Bogdanov A., Guo S., Komargodski I.: Threshold secret sharing requires a linear size alphabet. In: TCC 2016, vol. 9986, pp. 471–484. LNCS. Springer, Heidelberg (2016).
Cramer R., Damgård I., Nielsen J.B.: Secure Multiparty Computation and Secret Sharing. Cambridge University Press, Cambridge (2015).
Desmedt Y.: Threshold cryptography. In: Encyclopedia of Cryptography and Security, pp. 1288–1293. Springer, Boston (2011).
Desmedty Y., Jajodiay S.: Redistributing secret shares to new access structures and its applications. Technical Report ISSE TR-97-01, George Mason University, Fairfax (1997).
Ding J., Lin C., Lin F.: Optimal threshold secret sharing with new threshold change range. In: K. Nguyen et al. (eds.) ProvSec 2020, Lecture Notes in Computer Science 12505, pp. 361–378 (2020).
Ding J., Lin C., Wang H., Xing C.: Communication efficient secret sharing with small share size. IEEE Trans. Inf. Theory 68(1), 659–669 (2022).
Huang W., Bruck J.: Secret sharing with optimal decoding and repair bandwidth. In: IEEE International Symposium on Information Theory (ISIT), pp. 1813–1817 (2017).
Huang W., Langberg M., Kliewer J., Bruck J.: Communication efficient secret sharing. IEEE Trans. Inf. Theory 62(12), 7195–7206 (2016).
Jackson W.-A., Martin K.M.: A combinatorial interpretation of ramp schemes. Australas. J. Comb. 14, 51–60 (1996).
Jia X., Wang D., Nie D., Luo X., Sun J.Z.: A new threshold changeable secret sharing scheme based on the Chinese remainder theorem. Inf. Sci. 473, 13–30 (2019).
Lin F., Cheraghchi M., Guruswami V., Safavi-Naini R., Wang H.: Secret sharing with binary shares. In: 10th Innovations in Theoretical Computer Science Conference (ITCS 2019). Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik, pp. 53:1–53:20 (2018).
Lin F., Ling S., Wang H., Zeng N.: Threshold changeable ramp secret sharing. In: Cryptology and Network Security. CANS 2019. Lecture Notes in Computer Science, vol. 11829, pp. 308–327. Springer, Cham (2019).
Martin K.M., Pieprzyk J., Safavi-Naini R., Wang H.: Changing thresholds in the absence of secure channels. In: Information Security and Privacy. ACISP 1999. Lecture Notes in Computer Science, vol. 1587, pp. 177–191. Springer, Berlin (1999).
Maeda A., Miyaji A., Tada M.: Efficient and unconditionally secure verifiable threshold changeable scheme. In: Information Security and Privacy. ACISP 2001. Lecture Notes in Computer Science, vol. 2119, pp. 403–416. Springer, Berlin (2001).
Martínez-Peñas U.: Communication efficient and strongly secure secret sharing schemes based on algebraic geometry codes. IEEE Trans. Inf. Theory 64(6), 4191–4206 (2018).
Nielsen J.B., Simkin M.: Lower bounds for leakage-resilient secret sharing. In: Advances in Cryptology-EUROCRYPT’2020. Lecture Notes in Computer Science, vol. 12105, pp. 556–577. Springer, New York (2020).
Shamir A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979).
Steinfeld R., Pieprzyk J., Wang H.: Lattice-based threshold-changeability for standard CRT secret-sharing schemes. Finite Fields Appl. 12(4), 653–680 (2006).
Steinfeld R., Pieprzyk J., Wang H.: Lattice-based threshold changeability for standard shamir secret-sharing schemes. IEEE Trans. Inf. Theory 53(7), 2542–2559 (2007).
Wang H., Wong D.S.: On secret reconstruction in secret sharing schemes. IEEE Trans. Inf. Theory 54(1), 473–480 (2008).
Zhang Z., Chee Y.M., Ling S., Liu M., Wang H.: Threshold changeable secret sharing schemes revisited. Theoret. Comput. Sci. 418, 106–115 (2012).
Author information
Authors and Affiliations
Corresponding author
Additional information
Communicated by R. Steinfeld.
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
The work of Jian Ding was supported in part by Key Construction Discipline of Chaohu University under Grant kj22zdjsxk01, in part by High-level Talents Research Project of Chaohu University under Grant KYQD-202220, and in part by Transverse Research Project of Chaohu University under Grant hxkt20220222. The work of Changlu Lin was supported in part by National Natural Science Foundation of China under Grant U1705264 and Grant 61572132, and in part by Natural Science Foundation of Fujian Province under Grant 2019J01275. The work of Fuchun Lin was supported by EPSRC under Grant EP/S021043/1. This research of Wang is supported by the National Research Foundation, Singapore under its Strategic Capability Research Centres Funding Initiative. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not reflect the views of National Research Foundation, Singapore. This paper was presented in part at the 14th International Conference On Provable and Practical Security (ProvSec 2020) [11].
Appendix: Threshold change regimes of near optimal TCSS schemes
Appendix: Threshold change regimes of near optimal TCSS schemes
We need to prove that there is a \((t,r,n)\rightarrow (t^{\prime },r^{\prime },n)\) ramp scheme with a threshold change regime
Observe that this threshold change regime is the union of the following four regimes.
-
Case 1: \(1<\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}, t^{\prime }<r, t<r\le n, ~\textrm{and}~ t^{\prime }<r^{\prime }\le n\), i.e., \(1<\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}\) and \(t<t^{\prime }<r<r^{\prime }\le n\).
-
Case 2: \(1<\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}, 2<r\le t^{\prime }, t<r\le n, ~\textrm{and}~ t^{\prime }<r^{\prime }\le n\), i.e., \(1<\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}, t<r\le t^{\prime }<r^{\prime }\le n\) and \(r>2\).
-
Case 3: \(1<\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}, r=2, t<r\le n, ~\textrm{and}~ t^{\prime }<r^{\prime }\le n\).
-
Case 4: \(1=\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}, t<r\le n, ~\textrm{and}~ t^{\prime }<r^{\prime }\le n.\)
The proof is constructive. We construct a \((t,r,n)\rightarrow (t^{\prime },r^{\prime },n)\) ramp scheme with a threshold change regime \(t<t^{\prime }<r<r^{\prime }\le n\), which contains Case 1. This TCSS scheme will be taken as a building block to construct TCSS schemes with the threshold change regimes of Case 2, Case 3 and Case 4.
Case 1: \(1<\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}\) and \(t<t^{\prime }<r<r^{\prime }\le n\)
The Construction 2 is inspired by Huang et al. [14]. Their main difference lies in the number of random key coefficients.
Similar to the proof of Huang et al. [14], we know that Construction 2 gives a \((t,r,n)\rightarrow (t^{\prime },r^{\prime },n)\) ramp scheme for \(t<t^{\prime }<r<r^{\prime }\le n\). Besides, it requires \(r>2\), since \(1\le t<t^{\prime }<r<r^{\prime }\).
Case 2: \(1<\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}, t<r\le t^{\prime }<r^{\prime }\le n\) and \(r>2\)
Proposition 2
Let \(1<\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}, t<r\le t^{\prime }<r^{\prime }\le n\) and \(r>2\). Let \(v=t^{\prime }, u=r-1\) and \(e=\min \{(r-1)(r^{\prime }-t^{\prime }),t^{\prime }\}-1\), then \((r-1)v<(r-1)v+e<rv\) and \(tv\le t^{\prime }u<(r-1)v+e<r^{\prime }u\).
Proof
Since \(e=\min \{(r-1)(r^{\prime }-t^{\prime }),t^{\prime }\}-1\) and \(v=t^{\prime }\ge r>2\), then
which implies that \((r-1)v<(r-1)v+e<rv\).
On the other hand, since \(t<r\le t^{\prime }<r^{\prime }\) and \(1\le e\le (r-1)(r^{\prime }-t^{\prime })-1\), then we have
Therefore, we have \(tv\le t^{\prime }u<(r-1)v+e<r^{\prime }u\). \(\square \)
From Proposition 2 and Construction 2, there is a \((tv, (r-1)v+e, nv)\rightarrow (t^{\prime }u,r^{\prime }u,nv)\) ramp scheme, and hence there is a \((t,r,n)\rightarrow (t^{\prime },r^{\prime },n)\) ramp scheme with the threshold change regime in Case 2 (see Fig. 2).
Case 3: \(1<\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}, r=2, t<r\le n, ~\textrm{and}~ t^{\prime }<r^{\prime }\le n\)
In this case, we have \(t=1\) and \(2\le t^{\prime }<r^{\prime }\). Now, we let \(v=2t^{\prime }\) and \(u=2\). It is easy to check that
From the construction of Huang et al. [14], there is a \((v, v+1, nv)\rightarrow (t^{\prime }u,r^{\prime }u,nv)\) ramp scheme, and hence there is a \((t,r,n)\rightarrow (t^{\prime },r^{\prime },n)\) ramp scheme with the threshold change regime in Case 3 (see Fig. 3).
Case 4: \(1=\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}, t<r\le n, ~\textrm{and}~ t^{\prime }<r^{\prime }\le n\)
Since \(t^{\prime }<r^{\prime }\), then \(1=\dfrac{r^{\prime }}{r}<\dfrac{t^{\prime }}{t}\) is equivalent to \(t<t^{\prime }<r=r^{\prime }\). Let \(u=v=2\), then
which means that there is a \((tv, (r-1)v+1, nv)\rightarrow (t^{\prime }u,r^{\prime }u,nv)\) ramp scheme from Construction 2. Therefore, there is a \((t,r,n)\rightarrow (t^{\prime },r^{\prime },n)\) ramp scheme with the threshold change regime in Case 4 (see Fig. 4).
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Ding, J., Lin, C., Lin, F. et al. Full threshold change range of threshold changeable secret sharing. Des. Codes Cryptogr. 91, 2421–2447 (2023). https://doi.org/10.1007/s10623-023-01205-9
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10623-023-01205-9
Keywords
- Threshold changeable secret sharing
- Threshold secret sharing
- Ramp scheme
- Communication efficient secret sharing