一种安全的门限多秘密共享方案

提出了一种可认证的门限多秘密共享的新方案,通过成员提供的子密钥的一个影子来恢复秘密,由影子难以得到子密钥本身,因此可以复用,也即通过同一组子密钥共享多个秘密.该方案可以对分发者发布的信息和参与者提供的子密钥影子进行认证,从而可以抵御分发者欺骗和参与者欺骗.方案的安全性基于RSA密码系统和Shamir的(k,n)门限秘密共享方案.另外,本文还提出两种对这类门限多秘密共享方案的欺骗方法,能不同程度的破坏几个已有方案的安全性,但本文所提出的方案对这些欺骗有免疫能力.该方案是计算安全的,并且性能较现有诸方案更好.     

基于RSA密码体制（t，n）门限秘密共享方案

基于RSA密码体制,提出了一个新的(t,n)门限秘密共享方案。在该方案中,秘密份额由各参与者自己选择,秘密分发者不知道每个参与者所持有的份额,而且秘密份额长度与秘密长度相同。在秘密恢复过程中,每个参与者能够验证其他参与者是否进行了欺骗。每个参与者只需维护一个秘密份额,就可以实现对多个秘密的共享。方案的安全性是基于RSA密码体制和Shamir的(t,n)门限秘密共享方案的安全性。     

基于RSA密码体制（t，n）门限秘密共享方案

基于RSA密码体制,提出了一个新的(t,n)门限秘密共享方案.在该方案中,秘密份额由各参与者自己选择,秘密分发者不知道每个参与者所持有的份额,而且秘密份额长度与秘密长度相同.在秘密恢复过程中,每个参与者能够验证其他参与者是否进行了欺骗.每个参与者只需维护一个秘密份额,就可以实现对多个秘密的共享.方案的安全性是基于RSA密码体制和Shamir的(t,n)门限秘密共享方案的安全性.     

多重门限的图像秘密共享方案

 针对传统的基于视觉密码的图像秘密共享方案存在像素扩张导致其只能共享小尺寸的秘密图像、信息隐藏效率较低的问题,提出一种能够提高信息隐藏容量的(t,k,n)多重门限图像秘密共享方案.该方案利用秘密图像信息控制视觉密码方案中共享矩阵的选取,从而实现秘密图像在视觉密码方案中的隐藏.在秘密图像恢复的第一阶段,任意t个参与者直接叠加其影子图像后可以视觉解密出低质量的秘密图像信息;在第二阶段,任意k个参与者可以从影子图像中提取出隐藏的信息,并通过计算恢复出精确的灰度秘密图像.相对于传统的视觉密码方案,本文方案在不影响视觉密码恢复图像的视觉质量前提下,可以隐藏更多的秘密图像信息,而像素扩张尺寸较小.     

基于物联网的数字档案管理系统设计与实现

为提高基于物联网的大规模数字档案管理效率,在研究了Shamir秘密共享方案基础上,文中设计了一种分布式物联网档案管理系统.该系统由四个部分组成:客户端、调度器、节点管理器和常规节点,可实现文件保存和恢复、连接设置和数据传输及共享机制.此外,文中在Shamir的秘密共享方案中引入多系数多项式和内部填充,实现了数据的可扩展...     

基于单向散列链的可更新(t, n)门限秘密共享方案

为了提高可更新秘密共享方案中影子秘密的更新效率,基于单向散列链的特性,提出了一种新型可更新秘密共享方案.该方案使用单向散列链构造更新多项式,避免了生成随机多项式带来的计算开销.秘密共享实现过程基于IBE公钥体制,具有良好的安全性能.影子秘密验证基于有限域上离散对数难解问题,能有效避免参与者欺骗.理论分析和仿真结果显示该方案能在保证安全性的前提下显著提高影子秘密更新的效率.     

新的安全分布式n个秘密乘积共享方案

由于Shamir的秘密共享方案并不具有乘法的同态性质, 因此针对安全分布式乘法计算中利用传统的Shamir线性多项式进行n个秘密乘积共享时需要不断调用两方秘密乘积子协议的缺点,首先用哥德尔数对保密数据进行编码,接着利用这种具有乘法同态的编码方法和一种加法同态承诺方案,实现了一种新的安全分布式一次性共享n个秘密乘积的方案,并证明了即使有恶意的参与者存在时,此方案仍为安全的。分析表明,本方案不但简单可行,而且相比传统方案效率明显提高。     

基于中国剩余定理的秘密共享组播密钥管理方案

该文结合中国剩余定理和Shamir秘密共享方法,提出了一种新的组播密钥管理方案基于中国剩余定理的秘密共享(CRTSS)组播密钥管理方案,并把所提出的CRTSS方案与GKMP方案进行比较和分析。结果表明,CRTSS方案克服了传统集中式平面型管理方式更新开销大的通病,提升了整体性能,是一种可靠的、新型的集中式平面型组播密钥管理方案。     

基于新型秘密共享方法的高效RSA门限签名方案

针对传统的门限RSA签名体制中需对剩余环Z(N)中元素求逆(而环中元素未必有逆)的问题,该文首先提出一种改进的Shamir秘密共享方法。 该方法通过在整数矩阵中的一系列运算来恢复共享密钥。由于其中涉及的参数均为整数,因此避免了传统方案中由Lagrange插值公式产生的分数而引起的环Z(N)中的求逆运算。然后基于该改进的秘密共享方法给出了一个新型的门限RSA Rivest Shanair Atleman签名方案。由于该方案无须在任何代数结构(比如Z(N))中对任何元素求逆,也无须进行代数扩张,因此在实际应用中更为方便、有效。     

双重门限秘密共享方案

基于RSA密码体制、Shamir门限方案和哈希函数的安全性,设计了一种双重门限秘密共享方案。方案中,参与者只需维护一个秘密份额,可实现对多个秘密的共享。秘密份额由参与者确定和保管,秘密分发者也不知晓,秘密共享过程中,只需出示伪秘密份额。方案不需要维护安全信道,算法能够保证信息安全传送,以及验证参与者是否进行了欺骗。     

AN EFFICIENT AND SECURE （t, n） THRESHOLD SECRET SHARING SCHEME

Based on Shamir＇s threshold secret sharing scheme and the discrete logarithm problem, a new （t, n） threshold secret sharing scheme is proposed in this paper. In this scheme, each participant＇s secret shadow is selected by the participant himself, and even the secret dealer cannot gain anything about his secret shadow. All the shadows are as short as the shared secret. Each participant can share many secrets with other participants by holding only one shadow. Without extra equations and information designed for verification, each participant is able to check whether another participant provides the true information or not in the recovery phase. Unlike most of the existing schemes, it is unnecessary to maintain a secure channel between each participant and the dealer. Therefore, this scheme is very attractive, especially under the circumstances that there is no secure channel between the dealer and each participant at all. The security of this scheme is based on that of Shamir＇s threshold scheme and the difficulty in solving the discrete logarithm problem. Analyses show that this scheme is a computationally secure and efficient scheme.     

Sharing more information in gray visual cryptography scheme

Visual cryptography scheme (VCS) shares a binary secret image into several binary shadows, and the secret image can be visually revealed by stacking qualified shadows without computation. From the point of view of sharing secret information, VCS is not efficiency because of the large size expansion and low visual quality. In this paper, we introduce a general gray visual cryptography scheme, which can share more information, called Sharing More Information Gray Visual Cryptography Scheme (SMIGVCS). All the shadow pixels of VCS embed additional information to generate gray shadows of SMIGVCS, and the embedded information comes from the shadows of a polynomial-based secret sharing scheme (PSSS). In the revealing process, a vague secret image is visually decoded by stacking qualified shadows, and more information is revealed by computation. Compared with the two-in-one image secret sharing scheme (TiOISSS), our SMIGVCS can achieve smaller shadow size with acceptable visual quality.     

对一类门限密码体制的研究注记

本文在研究扩展到有限Abel群上的Shamir(k,n)-门限秘密分享体制的基础上,构造出一类新的EIGamal类型的门限密码体制及具有信息恢复特性的数字签名体制;指出这类体制的一些良好特性及其在诸如密钥托管、密钥分配体制等方面的应用,并证明了其安全性。     

A Visual Secret Sharing Scheme for Progressively Restoring Secrets

Visual secret sharing has received more and more attention over the past years due to the fact that neither complex computation nor cryptographic knowledge is required to decrypt the secret image directly according to the characteristics of the human vision system. Considering the issue of sharing the secret image at multiple image resolutions with the meaningful shadows, in this paper, we present a friendly progressive visual secret sharing scheme without expanding the image size in the shadows and the reconstructed secret image based on applying a 22-sized block-wise operation to generate the shadows block by block. The proposed method can achieve these benefits: 1) the generated shadows are meaningful, and their sizes are not expanded, and 2) the secret image can be recovered at different resolutions by stacking different quantities of shadows together. The experimental results also show that the proposed method is superior to other compared schemes.     

Essential secret image sharing scheme with different importance of shadows

In (k, n) secret image sharing (SIS), a scheme encrypts a secret image into n shadow images. Any k or more shadow images can be collaborated together to reveal the secret image. Most of the previous SIS schemes don’t distinguish the importance of shadows. However, in some application environments, some participants are accorded special privileges due to their status or importance. Thus, some shadows may be more important than others. In this paper, we consider the (t, s, k, n) essential SIS (ESIS) scheme. All n shadows are classified into s essential shadows and (n–s) non-essential shadows. When reconstructing the secret image, the (t, s, k, n)-ESIS scheme needs k shadows, which should include at least t essential shadows.     

多版本备份和限制性双重认证主密钥(t,s,k,n)图像分存

传统影子图像连接的（t,s,k,n）分存易导致分发影子图像大小不等,基于伯克霍夫插值的（t,s,k,n）分存不能高效恢复;而双认证自修复图像分存对密图和备份图恢复能力十分有限.针对以上问题,采用随机参与值通过（k,s）和（k-t,n-s）分存来构造主密钥（t,s,k,n）分存并通过第3方公信方存储的MD5值以防止作弊.所提策略由主密钥对密图LL子带置乱来形成对显著比特多备份、对非显著比特少备份和经主密钥不同程度置乱的多版本备份图;引入限制性双重认证在保持认证精度的同时,将尽可能多的备份比特通过GF（2^8）域（k,n）分存嵌入来形成嵌密掩体.理论和实验表明,主密钥（t,s,k,n）分存可高效求解;随机参与值可避免参与者编号泄露,分发信息的篡改和认证比特的揣测;多版本备份可对备份图高置信度地恢复;而限制性双重认证在认证能力上不低于双认证自修复图像分存.     

基于因子分解和离散对数的动态秘密分享方案

该文提出了一个安全性基于离散对数与因子分解的动态秘密分享方案.它具有如下优点:(1)系统更新分享的秘密时,无需更新分享的子秘密,即子秘密可重复使用;(2)当系统增删成员时,无需变更其他成员的子秘密;(3)当某个成员的子秘密泄露时,系统只需为该成员重新分配子秘密而不必更改其他成员的子秘密;(4)防止欺诈;(5)通信量较少,工作效率高.     

Hierarchical Threshold Secret Sharing

We consider the problem of threshold secret sharing in groups with hierarchical structure. In such settings, the secret is shared among a group of participants that is partitioned into levels. The access structure is then determined by a sequence of threshold requirements: a subset of participants is authorized if it has at least k₀ 0 members from the highest level, as well as at least k₁ > k₀ members from the two highest levels and so forth. Such problems may occur in settings where the participants differ in their authority or level of confidence and the presence of higher level participants is imperative to allow the recovery of the common secret. Even though secret sharing in hierarchical groups has been studied extensively in the past, none of the existing solutions addresses the simple setting where, say, a bank transfer should be signed by three employees, at least one of whom must be a department manager. We present a perfect secret sharing scheme for this problem that, unlike most secret sharing schemes that are suitable for hierarchical structures, is ideal. As in Shamir's scheme, the secret is represented as the free coefficient of some polynomial. The novelty of our scheme is the usage of polynomial derivatives in order to generate lesser shares for participants of lower levels. Consequently, our scheme uses Birkhoff interpolation, i.e., the construction of a polynomial according to an unstructured set of point and derivative values. A substantial part of our discussion is dedicated to the question of how to assign identities to the participants from the underlying finite field so that the resulting Birkhoff interpolation problem will be well posed. In addition, we devise an ideal and efficient secret sharing scheme for the closely related hierarchical threshold access structures that were studied by Simmons and Brickell.     

一种安全有效的（t,n）多秘密共享认证方案

基于双子密钥的思想给出了一种安全有效的(t,n)多秘密共享认证方案,其优点是每个成员可以多次使用自己的子密钥来恢复庄家任意给定的用于共享的多个密钥,重构一个密钥只需公开3个参数,为抵抗成员的欺骗无须执行零知识证明协议.所给的方案与已有的方案相比在计算量和通信量方面有明显的优越性.