机构地区:[1]School of Mathematics and Information Science,Guangzhou University,Guangzhou 510006,China [2]State Key Laboratory of Information Security,Institute of Software Science,Chinese Academy of Sciences,Beijing 100049,China [3]Department of Mathematical Sciences,Clemson University,SC 29634,USA
出 处:《Science China(Information Sciences)》2012年第5期1172-1185,共14页中国科学(信息科学)(英文版)
基 金:supported by National Natural Science Foundation of China (Grant No.10871222);National Science Foundation (USA) (Grant No.DMS-0302549);Opening Foundation of Key Lab of Cryptological Technology and Information Security of Ministry of Education in Shandong University
摘 要:In a traditional (t,n)-threshold secret sharing scheme,t or more honest participants can reconstruct the secret K.In the reconstruction process,the individual shares and the secret key K are revealed,hence K is shared once only.In this paper,we firstly give the definition of leakproof secret sharing scheme which is composed of a distribution protocol and a proof protocol,then propose two leakproof secret sharing protocols,a computationally secure protocol and an information-theoretically secure protocol.In our protocols,t or more participants can jointly prove that they hold the secret K by using a multi-prover zero-knowledge argument of knowledge.As a result,the secret K will be shared for as many times as desired.Furthermore,each participant can detect the dealer in the distribution protocol from cheating,and any verifier can prevent non-qualified set of participants in proof protocol from cheating.As an example of the practical impact of our work we use our techniques to construct group identification schemes with zero-knowledge.In a traditional (t,n)-threshold secret sharing scheme,t or more honest participants can reconstruct the secret K.In the reconstruction process,the individual shares and the secret key K are revealed,hence K is shared once only.In this paper,we firstly give the definition of leakproof secret sharing scheme which is composed of a distribution protocol and a proof protocol,then propose two leakproof secret sharing protocols,a computationally secure protocol and an information-theoretically secure protocol.In our protocols,t or more participants can jointly prove that they hold the secret K by using a multi-prover zero-knowledge argument of knowledge.As a result,the secret K will be shared for as many times as desired.Furthermore,each participant can detect the dealer in the distribution protocol from cheating,and any verifier can prevent non-qualified set of participants in proof protocol from cheating.As an example of the practical impact of our work we use our techniques to construct group identification schemes with zero-knowledge.
关 键 词:secret sharing leakproof secret sharing multi-prover zero-knowledge argument proof of knowl-edge group identification scheme
分 类 号:TN918.1[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
