In traditional secret sharing, a central trusted authority must divide a secret into multiple parts, called shares, such that the secret can only be recovered when a certain number of shares are available for reconstruction [1], [2]. In this paper, we consider a secret sharing problem in which each share must be created separately by independent entities such that no collaboration or shared cryptographic keys are required; we call this the distributed keyless secret sharing problem. For this problem, general tradeoffs between compression and secrecy are characterized yielding the impossibility result that perfect secrecy is unachievable. In response to this impossibility, we define a practical measure of secrecy and design a low-cost solution based on this measure of secrecy.
[1]
Ehud D. Karnin,et al.
On secret sharing systems
,
1983,
IEEE Trans. Inf. Theory.
[2]
Thomas M. Cover,et al.
Elements of Information Theory
,
2005
.
[3]
Kefei Chen,et al.
Some new characters on the wire-tap channel of type II
,
2005,
IEEE Transactions on Information Theory.
[4]
Krishna R. Narayanan,et al.
Weakly Secure Network Coding
,
2005
.
[5]
Adi Shamir,et al.
How to share a secret
,
1979,
CACM.
[6]
Tracey Ho,et al.
A Random Linear Network Coding Approach to Multicast
,
2006,
IEEE Transactions on Information Theory.
[7]
Lawrence H. Ozarow,et al.
Wire-tap channel II
,
1984,
AT&T Bell Laboratories Technical Journal.