Mostra el registre d'ítem simple

dc.contributor.authorHerranz Sotoca, Javier
dc.contributor.authorRuiz Rodríguez, Alexandre
dc.contributor.authorSáez Moreno, Germán
dc.contributor.otherUniversitat Politècnica de Catalunya. Departament de Matemàtica Aplicada IV
dc.date.accessioned2015-04-28T17:42:09Z
dc.date.available2015-04-28T17:42:09Z
dc.date.created2014-12-01
dc.date.issued2014-12-01
dc.identifier.citationHerranz, J.; Ruiz, A.; Saez, G. New results and applications for multi-secret sharing schemes. "Designs codes and cryptography", 01 Desembre 2014, vol. 73, núm. 3, p. 841-864.
dc.identifier.issn0925-1022
dc.identifier.urihttp://hdl.handle.net/2117/27633
dc.description.abstractIn a multi-secret sharing scheme (MSSS), different secrets are distributed among the players in some set , each one according to an access structure. The trivial solution to this problem is to run independent instances of a standard secret sharing scheme, one for each secret. In this solution, the length of the secret share to be stored by each player grows linearly with (when keeping all other parameters fixed). Multi-secret sharing schemes have been studied by the cryptographic community mostly from a theoretical perspective: different models and definitions have been proposed, for both unconditional (information-theoretic) and computational security. In the case of unconditional security, there are two different definitions. It has been proved that, for some particular cases of access structures that include the threshold case, a MSSS with the strongest level of unconditional security must have shares with length linear in . Therefore, the optimal solution in this case is equivalent to the trivial one. In this work we prove that, even for a more relaxed notion of unconditional security, and for some kinds of access structures (in particular, threshold ones), we have the same efficiency problem: the length of each secret share must grow linearly with . Since we want more efficient solutions, we move to the scenario of MSSSs with computational security. We propose a new MSSS, where each secret share has constant length (just one element), and we formally prove its computational security in the random oracle model. To the best of our knowledge, this is the first formal analysis on the computational security of a MSSS. We show the utility of the new MSSS by using it as a key ingredient in the design of two schemes for two new functionalities: multi-policy signatures and multi-policy decryption. We prove the security of these two new multi-policy cryptosystems in a formal security model. The two new primitives provide similar functionalities as attribute-based cryptosystems, with some advantages and some drawbacks that we discuss at the end of this work.
dc.format.extent24 p.
dc.language.isoeng
dc.rightsAttribution-NonCommercial-NoDerivs 3.0 Spain
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/3.0/es/
dc.subjectÀrees temàtiques de la UPC::Informàtica::Seguretat informàtica::Criptografia
dc.subject.otherMulti-secret sharing schemes
dc.subject.otherMulti-policy cryptosystems
dc.subject.otherEntropy
dc.subject.otherProvable security
dc.subject.otherTHRESHOLD SIGNATURES
dc.subject.otherDIFFIE-HELLMAN
dc.subject.otherCRYPTOSYSTEMS
dc.subject.otherENCRYPTION
dc.subject.otherSECURITY
dc.titleNew results and applications for multi-secret sharing schemes
dc.typeArticle
dc.contributor.groupUniversitat Politècnica de Catalunya. MAK - Matemàtica Aplicada a la Criptografia
dc.identifier.doi10.1007/s10623-013-9831-6
dc.description.peerreviewedPeer Reviewed
dc.subject.amsClassificació AMS::90 Operations research, mathematical programming
dc.rights.accessOpen Access
local.identifier.drac15177692
dc.description.versionPostprint (author’s final draft)
local.citation.authorHerranz, J.; Ruiz, A.; Saez, G.
local.citation.publicationNameDesigns codes and cryptography
local.citation.volume73
local.citation.number3
local.citation.startingPage841
local.citation.endingPage864


Fitxers d'aquest items

Thumbnail

Aquest ítem apareix a les col·leccions següents

Mostra el registre d'ítem simple