Performing Computations on Hierarchically Shared Secrets

Hierarchical secret sharing schemes distribute a message to a set of shareholders with different reconstruction capabilities. In distributed storage systems, this is an important property because it allows granting more reconstruction capability to better-performing storage servers and less to worse-performing ones. In particular, Tassa’s conjunctive and disjunctive hierarchical secret sharing schemes are based on Birkhoff interpolation and perform as well as Shamir’s threshold secret sharing scheme. Thus, they are promising candidates for distributed storage systems. A key requirement is the possibility to perform function evaluations over shared data. However, practical algorithms supporting this have not yet been provided for hierarchical secret sharing schemes. Aiming to close this gap, in this work we show how additions and multiplications of shares can be practically computed using Tassa’s conjunctive and disjunctive hierarchical secret sharing schemes. Furthermore, we provide auditing procedures for operations on messages shared hierarchically, which make it possible to verify that functions on the shares have been performed correctly. We close this work with an evaluation of the correctness, security, and efficiency of the protocols we propose.
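
An added illustration, not code from the paper: a minimal Python sketch of Tassa's conjunctive scheme, in which lower-level holders receive derivative values of the sharing polynomial, reconstruction solves the Birkhoff interpolation system, and addition is done share-wise by each holder. The field modulus, holder IDs and two-level thresholds (k_0 = 1, k = 3) are constructed for the example; the paper's multiplication and auditing protocols are not reproduced here.

```python
import secrets

P = 2**61 - 1  # prime field modulus (assumed parameter for this example)

def row(x, d, k):
    """Coefficients of a_0..a_{k-1} in the d-th derivative of the polynomial at x."""
    out = []
    for j in range(k):
        c = 0
        if j >= d:
            c = pow(x, j - d, P)
            for t in range(d):
                c = c * (j - t) % P  # falling factorial j!/(j-d)!
        out.append(c)
    return out

def share(secret, k, holders):
    """holders: list of (id, d), where d is the derivative order of the holder's level."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, d, sum(c * a for c, a in zip(row(x, d, k), coeffs)) % P)
            for x, d in holders]

def reconstruct(shares):
    """Birkhoff interpolation: Gauss-Jordan elimination mod P, returns a_0."""
    k = len(shares)
    m = [row(x, d, k) + [v] for x, d, v in shares]
    for col in range(k):
        piv = next((r for r in range(col, k) if m[r][col]), None)
        if piv is None:
            raise ValueError("Birkhoff system is singular for this share set")
        m[col], m[piv] = m[piv], m[col]
        inv = pow(m[col][col], -1, P)
        m[col] = [e * inv % P for e in m[col]]
        for r in range(k):
            if r != col and m[r][col]:
                f = m[r][col]
                m[r] = [(a - f * b) % P for a, b in zip(m[r], m[col])]
    return m[0][k]

def add_shares(s1, s2):
    """Each holder adds its two share values locally; no interaction is needed."""
    return [(x, d, (v1 + v2) % P) for (x, d, v1), (_, _, v2) in zip(s1, s2)]

# Constructed hierarchy: id 1 at level 0 (gets P(x)), ids 2-4 at level 1 (get P'(x)).
HOLDERS = [(1, 0), (2, 1), (3, 1), (4, 1)]

def demo(a, b):
    total = add_shares(share(a, 3, HOLDERS), share(b, 3, HOLDERS))
    return reconstruct(total[:3])  # holders 1, 2, 3 form an authorized set
```

Three level-1 holders alone (IDs 2, 3, 4) hold only derivative values, so the column for a_0 is all zeros and `reconstruct` raises instead of returning the secret.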
