Abstract
A publicly verifiable secret sharing (PVSS) scheme is a verifiable secret sharing scheme with the additional property that anyone, not only the participants, can verify that the dealer has distributed the shares correctly. PVSS plays an important role in applications such as electronic voting, payment systems with revocable anonymity, and key escrow. Until now, all PVSS schemes have been built on traditional public-key systems. Recently, pairing-based cryptography has attracted considerable attention from cryptographic researchers, and many pairing-based schemes and protocols have been proposed; however, no PVSS scheme based on bilinear pairings had been proposed. This paper presents the first pairing-based PVSS scheme. In the random oracle model and under the bilinear Diffie-Hellman (BDH) assumption, the authors prove that the proposed scheme is a secure PVSS scheme.
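To make the "anyone can verify" property concrete, the following is an added example and not code from the paper: it implements a classical discrete-log PVSS in the style of Schoenmakers (CRYPTO 1999) rather than the authors' pairing-based construction, since a bilinear pairing is not available in the standard library. The dealer publishes commitments to the sharing polynomial, each participant's share encrypted under that participant's public key, and a Chaum-Pedersen discrete-log-equality proof per share; a verifier with no private key checks every share against the commitments. All names (`deal`, `verify_distribution`, `decrypt_share`, `reconstruct`) and the 64-bit toy group generated at import time are assumptions of this example.

```python
# Added example: a discrete-log PVSS in the style of Schoenmakers (CRYPTO 1999),
# NOT the paper's pairing-based scheme.  Anyone can verify the dealer's
# encrypted shares against the polynomial commitments from public data only.
import hashlib
import secrets

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def _is_prime(n):
    """Miller-Rabin with fixed bases; deterministic for n < 3.3e24."""
    if n < 2:
        return False
    for b in BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def _safe_prime_from(start):
    """Smallest safe prime p = 2q + 1 with q >= start (deterministic search)."""
    q = start | 1
    while not (_is_prime(q) and _is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

# Toy group (assumption): order-Q subgroup of Z_P^*, P = 2Q + 1, ~64 bits.
# Real deployments use a >= 256-bit prime-order group or an elliptic curve.
P, Q = _safe_prime_from(1 << 63)
g = pow(2, 2, P)   # any non-trivial square generates the order-Q subgroup
G = pow(3, 2, P)   # second generator; log_g(G) assumed unknown (DL assumption)

def _hash_to_zq(*vals):
    return int.from_bytes(hashlib.sha256(repr(vals).encode()).digest(), "big") % Q

def dleq_prove(g1, h1, g2, h2, alpha):
    """Chaum-Pedersen proof that log_g1(h1) == log_g2(h2) == alpha."""
    w = secrets.randbelow(Q)
    a1, a2 = pow(g1, w, P), pow(g2, w, P)
    c = _hash_to_zq(g1, h1, g2, h2, a1, a2)     # Fiat-Shamir challenge
    return c, (w - c * alpha) % Q

def dleq_verify(g1, h1, g2, h2, proof):
    c, r = proof
    a1 = pow(g1, r, P) * pow(h1, c, P) % P
    a2 = pow(g2, r, P) * pow(h2, c, P) % P
    return c == _hash_to_zq(g1, h1, g2, h2, a1, a2)

def keygen():
    x = secrets.randbelow(Q - 1) + 1           # participant private key x_i
    return x, pow(G, x, P)                      # (x_i, y_i = G^x_i)

def deal(secret, pubkeys, t):
    """Dealer: commit to p(x) (degree t-1, p(0) = secret), encrypt p(i) to
    participant i as Y_i = y_i^p(i), and prove log_g X_i == log_y_i Y_i."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]
    commitments = [pow(g, a, P) for a in coeffs]        # C_j = g^alpha_j
    enc_shares, proofs = [], []
    for i, y in enumerate(pubkeys, start=1):
        p_i = sum(a * pow(i, j, Q) for j, a in enumerate(coeffs)) % Q
        X, Y = pow(g, p_i, P), pow(y, p_i, P)
        enc_shares.append(Y)
        proofs.append(dleq_prove(g, X, y, Y, p_i))
    return commitments, enc_shares, proofs

def verify_distribution(commitments, pubkeys, enc_shares, proofs):
    """Public verification: uses only published values, no private key."""
    for i, (y, Y, proof) in enumerate(zip(pubkeys, enc_shares, proofs), start=1):
        X = 1                                   # X_i = prod_j C_j^(i^j) = g^p(i)
        for j, C in enumerate(commitments):
            X = X * pow(C, pow(i, j, Q), P) % P
        if not dleq_verify(g, X, y, Y, proof):
            return False
    return True

def decrypt_share(x, y, Y):
    """Participant: S_i = Y_i^(1/x_i) = G^p(i), with proof of honest decryption."""
    S = pow(Y, pow(x, -1, Q), P)
    return S, dleq_prove(G, y, S, Y, x)         # log_G(y) == log_S(Y) == x

def reconstruct(indices, dec_shares, pubkeys, enc_shares):
    """Check each published share, then Lagrange-interpolate in the exponent."""
    result = 1
    for i, (S, proof) in zip(indices, dec_shares):
        if not dleq_verify(G, pubkeys[i - 1], S, enc_shares[i - 1], proof):
            raise ValueError(f"participant {i} published a bad share")
        lam = 1
        for j in indices:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        result = result * pow(S, lam, P) % P
    return result                               # == G^secret
```

Two points a practitioner should take from this: `verify_distribution` touches no private key, which is exactly what separates PVSS from Feldman- or Pedersen-style VSS, and the Fiat-Shamir hash in `dleq_prove` is where a random-oracle assumption of the kind named in the abstract enters the security argument. The recovered value is `G^secret`, not `secret` itself; applications such as voting use the exponent-encoded result directly, and the reconstruction step rejects any participant who publishes a decrypted share inconsistent with the encrypted one.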
This research was partially supported by National Science Council, Taiwan, under Grant No. NSC97-2221-E-018-010-MY3.
This paper was recommended for publication by Editor Xiaoshan GAO.
Cite this article
Wu, TY., Tseng, YM. A pairing-based publicly verifiable secret sharing scheme. J Syst Sci Complex 24, 186–194 (2011). https://doi.org/10.1007/s11424-011-8408-6