TY - JOUR
T1 - Secret sharing with cheaters using multi-receiver authentication
AU - Xu, Rui
AU - Morozov, Kirill
AU - Takagi, Tsuyoshi
N1 - Funding Information:
R.X. was supported by The China Scholarship Council, No. 201206340057. K.M. was supported by a kakenhi Grant-in- Aid for Young Scientists (B) 24700013 and Grant-in-Aid for Scientific Research (C) 15K00186 from Japan Society for the Promotion of Science. This research was supported by JST CREST.
Publisher Copyright:
© Copyright 2017 The Institute of Electronics, Information and Communication Engineers.
PY - 2017/1
Y1 - 2017/1
N2 - We introduce two cheater identifiable secret sharing (CISS) schemes with efficient reconstruction, tolerating t < k=2 cheaters and one robust secret sharing scheme (RSS). Our constructions, which provide public cheater identification, feature a novel application of multi- receiver authentication codes to ensure integrity of shares. The first CISS scheme, which tolerates rushing cheaters, has the share size jS j(n - t )n+t+2=ϵ n+t+2 in the general case, that can be ultimately reduced to jS j(k - t )k+t+2=ϵ k+t+2 assuming that all the t cheaters are among the k reconstructing players. The second CISS scheme, which tolerates non- rushing cheaters, has the share size jS j(n - t )2t+2=ϵ 2t+2. These two con- structions have the smallest share size among the existing CISS schemes of the same category, when the secret is a single field element. Finally, we use the tool of multi-receiver authentication to construct a robust secret sharing scheme, which updates the start-of-art against rushing adversary by reducing the share overhead by slightly more than one half. In addition, we point out that an improvement in the share size to jS j=ϵ n-(k-1)=3+1 can be achieved for a CISS tolerating t < k=3 rushing cheaters presented by Xu et al. at IWSEC 2013.
AB - We introduce two cheater identifiable secret sharing (CISS) schemes with efficient reconstruction, tolerating t < k=2 cheaters and one robust secret sharing scheme (RSS). Our constructions, which provide public cheater identification, feature a novel application of multi- receiver authentication codes to ensure integrity of shares. The first CISS scheme, which tolerates rushing cheaters, has the share size jS j(n - t )n+t+2=ϵ n+t+2 in the general case, that can be ultimately reduced to jS j(k - t )k+t+2=ϵ k+t+2 assuming that all the t cheaters are among the k reconstructing players. The second CISS scheme, which tolerates non- rushing cheaters, has the share size jS j(n - t )2t+2=ϵ 2t+2. These two con- structions have the smallest share size among the existing CISS schemes of the same category, when the secret is a single field element. Finally, we use the tool of multi-receiver authentication to construct a robust secret sharing scheme, which updates the start-of-art against rushing adversary by reducing the share overhead by slightly more than one half. In addition, we point out that an improvement in the share size to jS j=ϵ n-(k-1)=3+1 can be achieved for a CISS tolerating t < k=3 rushing cheaters presented by Xu et al. at IWSEC 2013.
UR - http://www.scopus.com/inward/record.url?scp=85008313652&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85008313652&partnerID=8YFLogxK
U2 - 10.1587/transfun.E100.A.115
DO - 10.1587/transfun.E100.A.115
M3 - Article
AN - SCOPUS:85008313652
SN - 0916-8508
VL - E100A
SP - 115
EP - 125
JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
IS - 1
ER -