基于多变量多项式的门限函数秘密分享方案  被引量：3

作　　者：林昌露[1,2,5,6] 罗景龙 张胜元 王华雄[4] LIN Chang-Lu;LUO Jing-Long;ZHANG Sheng-Yuan;WANG Hua-Xiong(School of Mathematics and Statistics,Fujian Normal University,Fuzhou 350117,China;Fujian Provincial Key Lab of Network Security and Cryptology,Fujian Normal University,Fuzhou 350007,China;Pengcheng Laboratory,Artificial Intelligence Research Center,Shenzhen 518055,China;School of Physical and Mathematical Sciences,Nanyang Technological University,308232,Singapore;Chongqing Municipal Key Laboratory of Cyberspace and Information Security,Chongqing 400065,China;Guangxi Key Laboratory of Trusted Software,Guilin Universityof Electronic Technology,Guilin 541004,China)

机构地区：[1]福建师范大学数学与统计学院,福州350117 [2]福建省网络安全与密码技术重点实验室(福建师范大学),福州350007 [3]鹏城实验室人工智能研究中心,深圳518055 [4]新加坡南洋理工大学物理与数学学院,新加坡308232 [5]网络空间与信息安全重庆市重点实验室,重庆400065 [6]桂林电子科技大学广西可信软件重点实验室,桂林541004

出　　处：《密码学报》2021年第3期537-548,共12页Journal of Cryptologic Research

基　　金：国家自然科学基金(U1705264,61572132);福建省自然科学基金(2019J01275);广西可信软件重点实验室研究课题(KX202039)。

摘　　要：为了提高分布式环境下私密信息存取协议的效率,Boyle等人在2015年欧密会上提出了函数秘密分享(Function Secret Sharing,FSS)概念并给出了具体构造.传统秘密分享方案在参者之间分享的秘密为具体数值,而FSS方案中分享的秘密为函数.Boyle等人基于伪随机生成器构造了一类FSS方案,它们均为计算意义下安全的,即只能抵抗计算能力有限的敌手攻击.本文利用有限域上多变量多项式构造了完善安全的门限FSS方案.其设计技巧是将FSS方案中秘密函数在公开点处函数值的计算转换为公开函数在秘密点处函数值的计算.经过分析发现该方案的通信复杂度与重构门限值r和私密门限值t之间的比值相关;当重构门限值与私密门限值之间的比值较大时,该方案可以实现较低的通信复杂度.此外,该方案可以同时满足函数秘密分享的简洁性、压缩性和函数私密性.这些良好的性能与性质使得该方案可更好地适用于设计各类私密信息存取协议.Functional Secret Sharing(FSS)is a cryptographic primitive introduced by Boyle et al.at Eurocrypt 2015 and motivated by increasing the efficiency of private information access.Unlike the traditional secret sharing,in which the secret shared among participants is a certain value,the secret shared in FSS is a function.The existing FSS schemes designed by Boyle et al.are constructed based on pseudo-random generators,those schemes are computationally secure and they can only resist the adversaries with limited computing power.In this paper,a threshold FSS scheme with perfect security is constructed by using multi-variable polynomial techniques over finite fields.The core technique is to convert the calculation of the function value of the secret function at the public point in the FSS to the calculation of the function value of the public function at the secret point.It is found that the communication complexity of the proposed scheme is related to the ratio of the reconstruction threshold r and the privacy threshold t.This communication complexity is lower if the ratio is larger.The proposed FSS scheme has the properties such as simplicity,compressibility,and function privacy.The good performance and properties show that the proposed scheme is suitable to the design of some new private information access protocols.

关 键 词：函数秘密分享 门限秘密共享 完善安全性 私密信息检索 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]