Bivariate polynomial-based secret sharing schemes with secure secret reconstruction
A (t,n)-threshold scheme with secure secret reconstruction, or a (t,n)-SSR scheme for short, is a (t,n)-threshold scheme against the outside adversary who has no valid share, but can impersonate a participant to take part in the secret reconstruction phase. We point out that previous bivariate polyn...
Saved in:
| Main Authors: | , , , |
|---|---|
| 其他作者: | |
| 格式: | Article |
| 語言: | English |
| 出版: |
2022
|
| 主題: | |
| 在線閱讀: | https://hdl.handle.net/10356/163882 |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| 總結: | A (t,n)-threshold scheme with secure secret reconstruction, or a (t,n)-SSR scheme for short, is a (t,n)-threshold scheme against the outside adversary who has no valid share, but can impersonate a participant to take part in the secret reconstruction phase. We point out that previous bivariate polynomial-based (t,n)-SSR schemes, such as those of Harn et al. (Information Sciences 2020), are insecure, which is because the outside adversary may obtain the secret by solving a system of [Formula presented] linear equations. We revise Harn et al. scheme and get a secure (t,n)-SSR scheme based on a symmetric bivariate polynomial for the first time, where t⩽n⩽2t-1. To increase the range of n for a given t, we construct a secure (t,n)-SSR scheme based on an asymmetric bivariate polynomial for the first time, where n⩾t. We find that the share sizes of our schemes are the same or almost the same as other existing insecure (t,n)-SSR schemes based on bivariate polynomials. Moreover, our asymmetric bivariate polynomial-based (t,n)-SSR scheme is more easy to be constructed compared to the Chinese Remainder Theorem-based (t,n)-SSR scheme with the stringent condition on moduli, and their share sizes are almost the same. |
|---|