A new fair multi-secret sharing scheme based on asymmetric bivariate polynomial

Abstract

In a (t, n) secret sharing scheme, cheating identification provides a very effective way to protect the security of the secret. In this paper, we propose a fair multi-secret deception identification sharing scheme. The binary polynomials are used to generate k secrets and establish pairs of keys between groups, respectively. During the reconstruction phase, the attackers can be identified and eliminated in a black box by deception verification based on the characteristic equation of n-order matrix with multiple roots. Participants in our scheme cannot directly own useful information, only those who are verified as honest by the black box can get necessary values encrypted by the key, and then multi-secret can be reconstructed successfully. The analysis results show that our scheme can resist both external and internal attacks.

Appendix

In this part, an example is used to simulate the secret reconstruction process (Table 1). (2,3) cheating identification multi-secret sharing scheme is adopted, where t = 2,n = 3, that is, we have U₁,U₂ two sets, where U₁ = {P₁₁,P₁₂}, U₂ = {P₂₁}, n₁ = |U₁| = 2,n₂ = |U₂| = 1. The concrete steps are shown in the Table as follows:

Table 1 An example about the whole procession of secret sharing

Notation 1

A 6-order invertible matrix X generated by black box, like that:

$$X=\left( \begin{array}{cccccc} 0&0&1&0&0&0\\ 0&1&0&0&0&0\\ 1&0&0&0&1&0\\ 0&0&0&0&1&0\\ 0&0&0&1&0&0\\ 0&1&0&0&0&1 \end{array}\right)$$

We can obtain the matrix A,

$$A=X^{-1}{\Lambda} X= \left( \begin{array}{cccccc} 0&0&1&-1&0&0\\ 0&1&0&0&0&0\\ 1&0&0&0&0&0\\ 0&0&0&0&1&0\\ 0&0&0&1&0&0\\ 0&-1&0&0&0&1 \end{array}\right) \left( \begin{array}{cccccc} 6&0&0&0&0&0\\ 0&6&0&0&0&0\\ 0&0&6&0&0&0\\ 0&0&0&6&0&0\\ 0&0&0&0&9&0\\ 0&0&0&0&0&9 \end{array} \right) \left( \begin{array}{cccccc} 0&0&1&0&0&0\\ 0&1&0&0&0&0\\ 1&0&0&0&1&0\\ 0&0&0&0&1&0\\ 0&0&0&1&0&0\\ 0&1&0&0&0&1 \end{array}\right)$$

\(=\left (\begin {array}{cccccc} 6&0&0&0&0&0\\ 0&6&0&0&0&0\\ 0&0&6&0&0&0\\ 0&0&0&9&0&0\\ 0&0&0&0&6&0\\ 0&2&0&0&0&9 \end {array} \right )\)

The eigenvalue ω₁ = 6 of matrix A corresponds to four independent eigenvectors, denoted by

$$x_{11}=\left( \begin{array}{c} 1 \\ 0 \\ 0 \\ 0 \\ 0 \\ 0 \end{array} \right),x_{12}=\left( \begin{array}{c} 0 \\ 1 \\ 0 \\ 0 \\ 0 \\ -1 \end{array} \right),x_{13}=\left( \begin{array}{c} 0 \\ 0 \\ 1 \\ 0 \\ 0 \\ 0 \end{array} \right),x_{14}=\left( \begin{array}{c} 0 \\ 0 \\ 0 \\ 0 \\ 1 \\ 0 \end{array} \right)$$

ω₂ = 9 corresponds to two independently eigenvectors, denoted by

$$x_{21}=\left( \begin{array}{c} 0 \\ 0 \\ 0 \\ 1 \\ 0 \\ 0 \end{array} \right),x_{22}=\left( \begin{array}{c} 0 \\ 0 \\ 0 \\ 0 \\ 0 \\ 1 \end{array} \right).$$