共查询到19条相似文献,搜索用时 156 毫秒
1.
在多级秘密共享方案中,每级存取结构里的授权集中参与者可联合重构对应的秘密.但在实际中,腐化了非授权集的攻击者可通过内存攻击获取部分或全部其余参与者的份额信息,从而非法得到部分甚至是全部的秘密信息.面对这样的内存泄漏,现有的多级秘密共享方案都不再安全.基于此,首先给出了抗内存泄漏的多级秘密共享对选择秘密攻击不可区分的形式化的计算安全模型.然后,利用物理不可克隆函数及模糊提取器的联合作用,基于极小线性码构造了一个适用于一般存取结构的抗内存泄露的可验证多级秘密共享方案.同时,在内存攻击者存在的情况下,证明方案在随机预言模型下是计算安全的.最后,将所提出方案与现有方案在性能和计算复杂度两方面进行了比较分析. 相似文献
2.
针对实际应用中同时涉及参与者权重和攻击结构两方面的问题,根据中国剩余定理,提出了一个基于攻击结构的秘密共享方案。该方案是一种完善的秘密共享方案,具有秘密重构特性和完善保密性,可以有效地防止外部攻击和内部欺骗。所有信息可以明文形式进行传送,不需要安全信道。方案允许参与者动态地加入或退出,攻击结构和共享秘密也可以动态更新,并且各参与者的秘密份额不需要更新。方案的安全性基于Shamir门限方案和离散对数问题的难解性。 相似文献
3.
在多秘密共享方案中,通常会生成大量公开值来保障多个秘密安全正确地重构,同时参与者也需要保存大量信息.为减少公开值的个数以及参与者所需保存的信息量,本文基于中国剩余定理和Shamir(t,n)-门限秘密共享方案设计了一个子秘密可多使用的门限存取结构多秘密共享方案.根据中国剩余定理将多项式产生的子秘密信息进行聚合生成公开值,减少了公开值的个数;应用转换值的方法和离散对数对参与者子秘密信息进行保护.构造了具有以下特点的多秘密共享方案:可一次共享多个秘密;不同的秘密可对应不同门限的存取结构;参与者可验证所恢复秘密值的正确性;公开值个数更少;参与者存储一个子秘密且子秘密可以多次使用. 相似文献
4.
为满足一般存取结构的多秘密共享方案在实际应用中的可验证性和动态性需求,提出一种适用于任意存取结构的动态可验证多秘密共享方案,其中每个参与者各自选取秘密份额,采用RSA公钥密码体制将该份额通过公开信道发送给分发者。同时基于双变量单向函数为每个参与者分配伪秘密份额,利用双变量单向函数之间的异或运算设计秘密分发算法及重构算法。分析结果表明,该方案在秘密重构阶段参与者只需要出示其伪份额即可恢复主秘密,无须泄漏真正的秘密份额,具有防欺诈性;秘密份额的分发可以通过公开信道实现,减少了方案的实施代价。 相似文献
5.
6.
7.
现有可公开验证多秘密共享方案只能由Lagrange插值多项式构造,且共享的秘密仅限于有限域或加法群。为解决上述问题,提出一个基于双线性对的可公开验证多秘密共享方案。该方案中每个参与者需持有2个秘密份额来重构多个秘密,并且在秘密分发的同时生成验证信息。任何人都可以通过公开的验证信息对秘密份额的有效性进行验证,及时检测分发者和参与者的欺骗行为。在秘密重构阶段采用Hermite插值定理重构秘密多项式,并结合双线性运算重构秘密。分析结果表明,在双线性Diffie-Hellman问题假设下,该方案能抵抗内外部攻击,具有较高的安全性。 相似文献
8.
在现有基于LUC密码体制的秘密共享方案基础上,提出一种新的动态多秘密共享方案。该方案无需在秘密分发者与成员之间建立安全信道,就能对成员和秘密进行动态添加或删除。在秘密重构过程中,合作成员只需向指定生成者提交影子份额,且验证者可对影子份额进行公开验证,从而使得系统无需更新成员的秘密份额即可实现一次性共享多个秘密和多组秘密。通过随机预言机模型对该方案进行验证,结果表明,在离散对数问题的假设下该方案是语义安全的,并且在计算量、安全性、总体性能方面均优于传统秘密共享方案。 相似文献
9.
研究了He-Dawson所提出的基于单向函数的多步骤秘密共享方案,指出该方案是一次方案而且不能抵抗合谋攻击,结合基于身份验证的密码学多秘密共享方案和利用二次剩余构造的数字签名方案,提出了一种利用二次剩余构造一个多秘密共享方案,该方案功能是一种(t,n)门限的多秘密共享方案。该方案中,由秘密分发者分发秘密,但每个参与者可以验证由秘密分发者分发的秘密,可以防止秘密分发者的欺骗,并且每个参与者能够验证其他合作者的欺骗。另外,每个参与者选取的子秘密可以复用,组秘密可以以任意顺序重构,同时该方案还能够抵抗合谋攻击。其安全性是基于Shamir门限方案和RSA密钥体制。在大整数分解困难离散对数难分解等问题的假设下,证明了提出的方案是安全的。 相似文献
10.
秘密共享在信息安全和数据保密中起着重要的作用。本文基于Shamir的门限方案提出一个新的(t,n)多重秘密共享方案,P个秘密被n个参与者所共享,至少t个参与者联合可以一次性重构这P个秘密,而且参与者秘密份额长度与每个秘密长度相同。与现有方案比较,该方案具有秘密重构计算复杂度低,所需公共信息量小的优点。方案的安全性是基于Shamir的门限方案的安全性。分析表明本文的方案是一个安全、有效的方案。 相似文献
11.
Huawang Qin Yuewei Dai Zhiquan Wang 《International Journal of Information Security》2009,8(5):379-385
The existing secret sharing schemes cannot be applied directly if the threshold and the adversary structures are both needed
to meet. A secret sharing scheme which can meet the requirements of both the (t, n) threshold and the adversary structure is proposed basing on the existing (t, n) threshold schemes and the knowledge of set theory, and the validity of the proposed scheme is proved perfectly. The scheme
does not need to traverse the whole set of participants to get the qualified or unqualified subsets, and can distribute the
shadows according to the requirements of threshold and adversary structure directly. The scheme can prevent the participants
from cheating, and does not need the participants to provide their real shadows when the shared secret is reconstructed. The
shadows do not need to be renewed when the shared secret is changed. The comparisons to the existing schemes show that, the
proposed scheme is more efficient when the threshold and the adversary structure are both required. 相似文献
12.
Yuan-BoGuo Jian-FengMa 《计算机科学技术学报》2004,19(4):0-0
Most existing secret sharing schemes are constructed to realize general access structure, which is defined in terms of authorized groups of participants, and is unable to be applied directly to the design of intrusion tolerant system, which often concerns corruptible groups of participants instead of authorized ones. Instead, the generalized adversary structure, which specifies the corruptible subsets of participants, can be determined directly by exploit of the system setting and the attributes of all participants. In this paper an efficient secret sharing scheme realizing generalized adversary structure is proposed, and it is proved that the scheme satisfies both properties of the secret sharing scheme, i.e., the reconstruction property and the perfect property. The main features of this scheme are that it performs modular additions and subtractions only, and each share appears in multiple share sets and is thus replicated. The former is an advantage in terms of computational complexity,and the latter is an advantage when recovery of some corrupted participants is necessary. So our scheme can achieve lower computation cost and higher availability. Some reduction on the scheme is also done finally, based on an equivalence relation defined over adversary structure. Analysis shows that reduced scheme still preserves the properties of the original one. 相似文献
13.
14.
Keju MENG Fuyou MIAO Yu NING Wenchao HUANG Yan XIONG Chin-Chen CHANG 《Frontiers of Computer Science》2021,15(2):152801
If an adversary tries to obtain a secret s in a (t, n) threshold secret sharing (SS) scheme, it has to capture no less than t shares instead of the secret s directly. However, if a shareholder keeps a fixed share for a long time, an adversary may have chances to filch some shareholders’ shares. In a proactive secret sharing (PSS) scheme, shareholders are supposed to refresh shares at fixed period without changing the secret. In this way, an adversary can recover the secret if and only if it captures at least t shares during a period rather than any time, and thus PSS provides enhanced protection to long-lived secrets. The existing PSS schemes are almost based on linear SS but no Chinese Remainder Theorem (CRT)-based PSS scheme was proposed. This paper proposes a PSS scheme based on CRT for integer ring to analyze the reason why traditional CRT-based SS is not suitable to design PSS schemes. Then, an ideal PSS scheme based on CRT for polynomial ring is also proposed. The scheme utilizes isomorphism of CRT to implement efficient share refreshing. 相似文献
15.
一种安全增强的基于椭圆曲线可验证门限签名方案 总被引:10,自引:0,他引:10
以Nyberg—Ruepple签名体制和Pedersen可验证秘密共享方案为基础。提出一种安全增强的基于椭圆曲线的(k,n)可验证门限签名方案.该签名方案通过周期地重分派方式在不同访问结构中共享密钥d,增强了签名密钥d的安全性,从而提高该签名方案的安全性.可以证明重分派协议重分派签名密钥后,签名密钥保持不变.与现有基于椭圆曲线的可验证门限签名方案相比.该安全增强的可验证门限签名方案不仅具有更强的安全性,而且具有入侵容忍能力. 相似文献
16.
Hong Lai Jinghua Xiao Lixiang Li Yixian Yang 《Information Processing Letters》2012,112(17-18):683-687
This paper first investigates the applications of recursive hiding of secret, which was originally proposed for visual cryptography to space efficient secret sharing, and then provides a novel recursive hiding of biometrics-based secret sharing scheme using adversary structure. The proposed scheme may find applications for sharing secrets with excess bits, especially in the scenarios where resources are strictly limited and the requirement of verification is demanding. Existing ways of combiner verification always just rely on exponentiation or only by hiring one-way hash function, which cannot thwart the stolen share attack, spoofing attack or discriminate an imposter who fraudulently obtains the access privileges from the genuine participant. Nonetheless, these problems can be tackled by the unique property of biometrics in our paper. Most importantly, unlike most counterpart schemes, no other random numbers are used to protect the secret pieces, hence, our scheme is simpler and more efficient, and the computation cost is relatively low. 相似文献
17.
在基于传统秘密共享的Web服务中,入侵者可长时间攻击,降低了系统的可靠性,不再适用。本文提出了一种基于主动秘密共享的Web服务器入侵容忍方案,并给出了改进可验证秘密共享方案后的影子产生算法和更新算法。该方案在不改变共享Web服务器私钥的情况下,周期性地更新私钥影子并且销毁原来的影子值,使得入侵者的可利用时间缩短
在一个周期内,从而保证Web私钥的长期安全性。 相似文献
在一个周期内,从而保证Web私钥的长期安全性。 相似文献
18.
公开的可验证秘密共享(PVSS)方案是一种任何一方均能公开地验证共享正确性的可验证秘密共享方案,验证并不局限于共享所属的参与者本人,所以它比一般的可验证秘密共享方案有着更广泛的应用.提出了一个基于公钥密码和零知识证明的,非交互式的,信息论安全的PVSS方案.该方案实现简单,且易于扩展和更新,特别适宜于一般接入结构上公开的可验证秘密共享. 相似文献