Skip to main content
SpringerLink
Log in

Threshold distributed access control with public verification: a practical application of PVSS

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

To avoid too strong a trust on any single user in sensitive applications, access control can be managed in a distributed way. Namely, an access right is distributed among multiple users such that the access is available if and only if certain subsets of the users cooperate. The most common condition for qualified subsets is the threshold condition, which requires that the number of cooperating users must be over a threshold. Access control based on such a condition is called TDAC (threshold distributed access control). In publicly verifiable applications, TDAC must provide public verification such that it is publicly verifiable that the multiple users share the correct access right and any qualified subset of them can obtain the access. Although the existing PVSS (publicly verifiable secret sharing) techniques can be employed to implement PVTDAC (publicly verifiable TDAC), they are not efficient enough for practical applications. In this paper, new sharing and proof techniques are proposed to design an efficient PVTDAC protocol, which is formally illustrated to be secure and publicly verifiable.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Benaloh, J.: Secret Sharing Homomorphisms: keeping Shares of a Secret. In CRYPTO ’86, pp. 251–260

  2. Boneh D., Shacham H.: Fast variants of RSA. CryptoBytes 5(1), 1–9 (2002)

    Google Scholar 

  3. Boudot, F., Traore, J.: Efficient publicly verifiable secret sharing schemes with fast or delayed recovery. In ICICS ’99, pp. 87–102

  4. Boudot, F.: Efficient proofs that a committed number lies in an interval. In EUROCRYPT ’00, LNCS 1807, pp. 431–444

  5. Coppersmith D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptol. 10(4), 233–260 (1997)

    Article  MathSciNet  MATH  Google Scholar 

  6. Camenisch, J., Michels, M.: A group signature scheme with improved efficiency. In ASIACRYPT ’98, LNCS 1514, pp. 160–174

  7. Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In CRYPTO ’94, LNCS 839, pp. 174–187

  8. Damgård, I., Fujisaki, E.: A statistically-hiding integer commitment scheme based on groups with hidden order. In ASIACRYPT ’02, LNCS 2501, pp. 125–142

  9. Feldman, P.: A practical scheme for non-interactive verifiable secret sharing. In FOCS ’87, pp. 427–437

  10. Fujisaki, E., Okamoto, T.: Statistical zero knowledge protocols to prove modular polynomial relations. In CRYPTO ’97, Volume 1807 of Lecture Notes in Computer Science, pp. 16–30

  11. Groth, J.: Non-interactive zero-knowledge arguments for voting. In ACNS ’05, LNCS 3531, pp. 467–482

  12. Fujisaki, E., Okamoto, T.: A practical and provably secure scheme for publicly verifiable secret sharing and its applications. In EUROCRYPT ’98, LNCS 1403, pp. 32–46

  13. Lipmaa, H.: On diophantine complexity and statistical zero-knowledge arguments. In ASIACRYPT ’03, LNCS 2894, pp. 398–415

  14. Schnorr, C.: Efficient signature generation by smart cards. J. Cryptol. 4, 161–174 (1991)

    Google Scholar 

  15. Paillier, P.: Public key cryptosystem based on composite degree residuosity classes. In EUROCRYPT ’99, LNCS 1592, pp. 223–238

  16. Peng, K., Bao, F.: Efficient publicly verifiable secret sharing with correctness, soundness and ZK privacy. In WISA ’09, LNCS 5932, pp. 118–132

  17. Peng, K., Bao, F.: An efficient range proof scheme. In IEEE PASSAT ’10, pp. 826–833

  18. Poupard, G., Stern, J.: Fair encryption of RSA keys. In EUROCRYPT ’00, LNCS 1807, pp. 172–189

  19. Schoenmakers, B.: A simple publicly verifiable secret sharing scheme and its application to electronic voting. In CRYPTO ’99, pp. 149–164

  20. Shamir A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)

    Article  MathSciNet  MATH  Google Scholar 

  21. Stadler, M.: Publicly verifiable secret sharing. In EUROCRYPT ’96, pp. 190–199

  22. The NIST special publication on computer security (sp 800-78 rev 1 of August 2007). Available at http://csrc.nist.gov/publications/nistpubs/ (2007)

Download references

Author information

Authors and Affiliations

  1. Institute for Infocomm Research, Singapore, Singapore

    Kun Peng

Authors
  1. Kun Peng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kun Peng.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Peng, K. Threshold distributed access control with public verification: a practical application of PVSS. Int. J. Inf. Secur. 11, 23–31 (2012). https://doi.org/10.1007/s10207-011-0151-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-011-0151-4

Keywords

Search

Navigation