一般存取结构上抗内存泄露的多级秘密共享

在多级秘密共享方案中,每级存取结构里的授权集中参与者可联合重构对应的秘密.但在实际中,腐化了非授权集的攻击者可通过内存攻击获取部分或全部其余参与者的份额信息,从而非法得到部分甚至是全部的秘密信息.面对这样的内存泄漏,现有的多级秘密共享方案都不再安全.基于此,首先给出了抗内存泄漏的多级秘密共享对选择秘密攻击不可区分的形式化的计算安全模型.然后,利用物理不可克隆函数及模糊提取器的联合作用,基于极小线性码构造了一个适用于一般存取结构的抗内存泄露的可验证多级秘密共享方案.同时,在内存攻击者存在的情况下,证明方案在随机预言模型下是计算安全的.最后,将所提出方案与现有方案在性能和计算复杂度两方面进行了比较分析.

Memory Leakage-resilient Multi-stage Secret Sharing Scheme with General Access Structures

In the multi-stage secret sharing scheme, the participants of authorized sets in each level of access structures can jointly reconstruct the corresponding secret. But in reality, adversaries who corrupted an unauthorized set can obtain some or even all of the share information of the uncorrupted participants through memory attacks, thereby illegally obtaining some or even all of the shared secrets. Facing with such memory leaks, the existing multi-stage secret sharing schemes are no longer secure. Based on this, this study firstly proposes a formal computational security model of indistinguishable ability against chosen secret attack for multi-stage secret sharing. Then, using the combination of the physical unclonable function and the fuzzy extractor, a verifiable memory leakage-resistant multi- stage secret sharing scheme for general access structures is constructed based on the minimal linear codes. Furthermore, in the presence of a memory attacker, it is proved that the scheme is computational secure in the random oracle model. Finally, the proposed scheme is compared with the existing schemes in terms of their properties and computational complexity.