On the optimization of bipartite secret sharing schemes (original) (raw)
Related papers
Optimal complexity of secret sharing schemes with four minimal qualified subsets
Designs, Codes and Cryptography, 2010
The complexity of a secret sharing scheme is defined as the ratio between the maximum length of the shares and the length of the secret. This paper deals with the open problem of optimizing this parameter for secret sharing schemes with general access structures. Specifically, our objective is to determine the optimal complexity of the access structures with exactly four minimal qualified subsets. Lower bounds on the optimal complexity are obtained by using the known polymatroid technique in combination with linear programming. Upper bounds are derived from decomposition constructions of linear secret sharing schemes. In this way, the exact value of the optimal complexity is determined for several access structures in that family. For the other ones, we present the best known lower and upper bounds.
Computing Research Repository, 2005
It is known that for any general access structure, a secret sharing scheme (SSS) can be constructed from an (m, m)-threshold scheme by using the so-called cumulative map or from a (t, m)threshold SSS by a modified cumulative map. However, such constructed SSSs are not efficient generally. In this paper, we propose a new method to construct a SSS from a (t, m)-threshold scheme for any given general access structure. In the proposed method, integer programming is used to distribute optimally the shares of (t, m)-threshold scheme to each participant of the general access structure. From the optimality, it can always attain lower coding rate than the cumulative maps except the cases that they give the optimal distribution. The same method is also applied to construct SSSs for incomplete access structures and/or ramp access structures.
Multipartite Secret Sharing by Bivariate Interpolation
Journal of Cryptology, 2009
Given a set of participants that is partitioned into distinct compartments, a multipartite access structure is an access structure that does not distinguish between participants that belong to the same compartment. We examine here three types of such access structures-compartmented access structures with lower bounds, compartmented access structures with upper bounds, and hierarchical threshold access structures. We realize those access structures by ideal perfect secret sharing schemes that are based on bivariate Lagrange interpolation. The main novelty of this paper is the introduction of bivariate interpolation and its potential power in designing schemes for multipartite settings, as different compartments may be associated with different lines in the plane. In particular, we show that the introduction of a second dimension may create the same hierarchical effect as polynomial derivatives and Birkhoff interpolation were shown to do in [13]. Keywords. Secret sharing, multipartite access structures, compartmented access structures, hierarchical threshold access structures, bivariate interpolation, monotone span programs. to which we refer hereinafter as compartments. An m-partite access structure on U is any access structure that does not distinguish between members of the same compartment. More specifically, an access structure Γ ∈ 2 U is mpartite with respect to partition (1) if for all permutations π : U → U such that π(C i) = C i , 1 ≤ i ≤ m, A ∈ Γ if and only if π(A) ∈ Γ. Weighted threshold access structures [11, 1], multilevel access structures [12, 3], hierarchical threshold access structures [13], compartmented access structures [3, 8], bipartite access structure [10], and tripartite access structures [1, 5, 8] are typical examples of such multipartite access structures.
On the Size of Shares for Secret Sharing Schemes
1991
A secret sharing scheme permits a secret to be shared among participants in such a way that only qualified subsets of partecipants can recover the secret, but any non-qualified subset has absolutely no information on the secret. The set of all qualified subsets defines the access structure to the secret. Sharing schemes are useful in the management of cryptographic keys and in multy-party secure protocols. We analyze the relationships among the entropies of the sample spaces from which the shares and the secret are chosen. We show that there are access structures with 4 participants for which any secret sharing scheme must give to a participant a share at least 50% greater than the secret size. This is the first proof that there exist access structures for which the best achievable information rate (i.e., the ratio between the size of the secret and that of the largest share) is bounded away from 1. The bound is the best possible, as we construct a secret sharing scheme for the above access structures which meets the bound with equality.
Simple Multi-Secret Sharing Schemes to Achieve the Optimal Maximum Improvement Ratio
IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing - Vol 2 - Workshops, 2006
Secret sharing scheme is a way to distribute a secret among several participants in such a way that only qualified subsets of the participants can reconstruct the secret and unqualified subsets have no information about the secret. A multi-secret sharing scheme is the extension of a secret sharing scheme to the case in which there are many secrets need to be shared, and each secret may with different qualified subsets of participants that can reconstruct the secret. The maximum improvement ratio is used to indicate the efficiency of a multi-secret sharing scheme. In 2001, Crescenzo proved a lower bound of the maximum improvement ratio and propose a multi-secret sharing scheme that can achieve this bound. But this scheme must use several complexity theorems that held in some literatures, and in their scheme, the number of participants must decided by the number of secrets. In this paper, we will propose two simple schemes that not only get the same conclusion directly, but also extend this result to all of the case that for any number of participants and secrets such that the number of participants only need to greater than the number of secrets.
Secret sharing schemes and combinatorial designs
1993
If there are participants involved in a group wanting to recover a secret, then how canbackslashcan\backslashcanbackslash we share the secret? Tlre purpose of this paper is to propose ideal threshold schemes in terms of combinatorial designs. We associate our scheme with threshold scheme expressed as a matrix and investigate the combinatorial properties of ideal schemes with threshold access structure. It is shown that their existence is equivalent to the existence of combinatorial designs. Also, assuming the existence of ideal schemes, we show the condition for the number of blocks of ideal schemes to be expressed by the cardinality of the divisible group. keyword: threhold scheme, secret sharing, block design, matroid 853 1993 80-87
Characterizing Ideal Weighted Threshold Secret Sharing
Weighted threshold secret sharing was introduced by Shamir in his seminal work on secret sharing. In such settings, there is a set of users where each user is assigned a positive weight. A dealer wishes to distribute a secret among those users so that a subset of users may reconstruct the secret if and only if the sum of weights of its users exceeds a certain threshold. On one hand, there are nontrivial weighted threshold access structures that have an ideal scheme -a scheme in which the size of the domain of shares of each user is the same as the size of the domain of possible secrets (this is the smallest possible size for the domain of shares). On the other hand, other weighted threshold access structures are not ideal. In this work we characterize all weighted threshold access structures that are ideal. We show that a weighted threshold access structure is ideal if and only if it is a hierarchical threshold access structure (as introduced by Simmons), or a tripartite access structure (these structures generalize the concept of bipartite access structures due to Padró and Sáez), or a composition of two ideal weighted threshold access structures that are defined on smaller sets of users. We further show that in all those cases the weighted threshold access structure may be realized by a linear ideal secret sharing scheme. The proof of our characterization relies heavily on the strong connection between ideal secret sharing schemes and matroids, as proved . 1 A weighted threshold function is a boolean function f : {0, 1} n → {0, 1} where each variable is assigned a positive weight and f (x 1 , . . . , x n ) = 1 iff the sum of weights that are assigned to the variables whose value is 1 exceeds a given threshold.
Lecture Notes in Computer Science, 1994
A multi-secret sharing scheme is a protocol to share m arbitrarily related secrets s1,. . . , sm among a set of participants P. In this paper we put forward a general theory of multi-secret sharing schemes by using an information theoretical framework. We prove lower bounds on the size of information held by each participant for various access structures. Finally, we prove the optimality of the bounds by providing protocols.