Leakproof secret sharing protocols with applications to group identification scheme

In a traditional (t, n)-threshold secret sharing scheme, t or more honest participants can reconstruct the secret K. In the reconstruction process, the individual shares and the secret key K are revealed, hence K can be shared once only. In this paper, we first give the definition of a leakproof secret sharing scheme, which is composed of a distribution protocol and a proof protocol, and then propose two leakproof secret sharing protocols: a computationally secure protocol and an information-theoretically secure protocol. In our protocols, t or more participants can jointly prove that they hold the secret K by using a multi-prover zero-knowledge argument of knowledge. As a result, the secret K can be shared as many times as desired. Furthermore, each participant can detect cheating by the dealer in the distribution protocol, and any verifier can prevent a non-qualified set of participants from cheating in the proof protocol. As an example of the practical impact of our work, we use our techniques to construct group identification schemes with zero-knowledge.
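The following is an added toy illustration of the three points the abstract makes, and is not the paper's construction: plain Shamir reconstruction exposes K and every share, Feldman-style commitments let each shareholder check the dealer, and a qualified set can convince a verifier that it collectively holds K without revealing K or any share, while a non-qualified set cannot. The joint proof here is an ordinary Schnorr-style argument of knowledge of the discrete logarithm of g^K, combined with Lagrange coefficients, which stands in for the paper's multi-prover zero-knowledge argument; the function names, the interactive three-move layout and the tiny group parameters (p = 1019, q = 509, g = 4) are all assumptions chosen for readability and are far too small to be secure.

```python
"""Added example (not the paper's protocol): Shamir (t, n) sharing over Z_q,
Feldman-style dealer checks, and a joint Schnorr-style proof that a set of
shareholders holds K without revealing K or any share.  Toy parameters only."""
import secrets

# Constructed toy parameters: safe prime p = 2q + 1 and g of prime order q.
P, Q, G = 1019, 509, 4


def lagrange_at_zero(xs, q):
    """Coefficients lambda_i with f(0) = sum lambda_i * f(x_i) (mod q)."""
    coeffs = []
    for i, xi in enumerate(xs):
        num, den = 1, 1
        for j, xj in enumerate(xs):
            if i != j:
                num = num * (-xj) % q
                den = den * (xi - xj) % q
        coeffs.append(num * pow(den, -1, q) % q)
    return coeffs


def deal(secret, t, n):
    """Dealer: random polynomial of degree exactly t-1 with f(0) = secret.
    Returns shares {i: f(i)} and commitments C_j = g^{a_j} mod p."""
    assert t >= 2 and n >= t
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 2)]
    coeffs.append(1 + secrets.randbelow(Q - 1))  # leading coefficient nonzero
    shares = {i: sum(a * pow(i, j, Q) for j, a in enumerate(coeffs)) % Q
              for i in range(1, n + 1)}
    commitments = [pow(G, a, P) for a in coeffs]
    return shares, commitments


def verify_share(i, share, commitments):
    """Shareholder i checks g^{s_i} == prod_j C_j^{i^j}; a dealer who hands
    out an inconsistent share is caught here."""
    expected = 1
    for j, c in enumerate(commitments):
        expected = expected * pow(c, pow(i, j, Q), P) % P
    return pow(G, share, P) == expected


def reconstruct(shares):
    """Classic reconstruction: reveals K (and the shares used) to everyone."""
    xs = list(shares)
    lam = lagrange_at_zero(xs, Q)
    return sum(l * shares[x] for l, x in zip(lam, xs)) % Q


def joint_commit(shares):
    """Round 1 (provers): each holder picks r_i and sends t_i = g^{r_i}."""
    nonces = {i: secrets.randbelow(Q) for i in shares}
    return nonces, {i: pow(G, r, P) for i, r in nonces.items()}


def verifier_challenge():
    """Round 2 (verifier): a nonzero challenge c in Z_q."""
    return 1 + secrets.randbelow(Q - 1)


def joint_respond(shares, nonces, c):
    """Round 3 (provers): z_i = r_i + c * s_i mod q; s_i itself stays hidden."""
    return {i: (nonces[i] + c * shares[i]) % Q for i in shares}


def verify_joint(public_key, commits, c, responses):
    """Verifier folds the per-prover messages with Lagrange coefficients and
    checks g^z == T * y^c.  With c != 0 this holds iff the provers' shares
    interpolate to the K behind y = g^K, so a non-qualified set fails."""
    xs = list(commits)
    lam = lagrange_at_zero(xs, Q)
    t_combined, z = 1, 0
    for l, i in zip(lam, xs):
        t_combined = t_combined * pow(commits[i], l, P) % P
        z = (z + l * responses[i]) % Q
    return pow(G, z, P) == t_combined * pow(public_key, c, P) % P


def run_proof(shares, public_key):
    nonces, commits = joint_commit(shares)
    c = verifier_challenge()
    return verify_joint(public_key, commits, c, joint_respond(shares, nonces, c))


def demo(secret=123, t=3, n=5):
    shares, commitments = deal(secret, t, n)
    public_key = commitments[0]  # g^K, known to every verifier
    qualified = {i: shares[i] for i in (1, 3, 5)}     # t holders
    unqualified = {i: shares[i] for i in (2, 4)}      # only t-1 holders
    return {
        "dealer_honest": all(verify_share(i, s, commitments) for i, s in shares.items()),
        "tampered_share_detected": not verify_share(2, shares[2] + 1, commitments),
        "reconstructed": reconstruct(qualified),      # K is now public
        "qualified_proof": run_proof(qualified, public_key),
        "unqualified_proof": run_proof(unqualified, public_key),
    }


if __name__ == "__main__":
    print(demo())
```

The proof rounds can be repeated indefinitely because a transcript (t_i, c, z_i) is simulatable without the share, which is the property that lets the same K be used for identification more than once; `reconstruct` is the one-shot alternative the abstract contrasts it with.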
