Revisiting and Extending the AONT-RS Scheme: A Robust Computationally Secure Secret Sharing Scheme

In 2010, Resch and Plank proposed a computationally secure secret sharing scheme, called AONT-RS. We present a generalisation of their scheme and discuss two ways in which information is leaked if used to distribute small ciphertexts. We discuss how to prevent such leakage and provide a proof of computational privacy in the random oracle model. Next, we extend the scheme to be robust and prove the robust AONT-RS achieves computational privacy in the random oracle model and computational recoverability under standard assumptions. Finally, we compare the security, share size and complexity of the AONT-RS scheme with Krawczyk’s SSMS scheme.

[1]  Michael O. Rabin,et al.  Efficient dispersal of information for security, load balancing, and fault tolerance , 1989, JACM.

[2]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[3]  Ehud D. Karnin,et al.  On secret sharing systems , 1983, IEEE Trans. Inf. Theory.

[4]  F. Moore,et al.  Polynomial Codes Over Certain Finite Fields , 2017 .

[5]  Anoop Nagwani,et al.  Storage , 2010, Web Operations.

[6]  Philippe Béguin,et al.  General Short Computational Secret Sharing Schemes , 1995, EUROCRYPT.

[7]  K. Srinathan,et al.  On the Power of Computational Secret Sharing , 2003, INDOCRYPT.

[8]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[9]  Christian Cachin On-Line Secret Sharing , 1995, IMACC.

[10]  G. R. BLAKLEY Safeguarding cryptographic keys , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[11]  Moti Yung,et al.  Generalized secret sharing and group-key distribution using short keys , 1997, Proceedings. Compression and Complexity of SEQUENCES 1997 (Cat. No.97TB100171).

[12]  F. MacWilliams,et al.  The Theory of Error-Correcting Codes , 1977 .

[13]  Douglas R. Stinson,et al.  Localised multisecret sharing , 2017, Cryptography and Communications.

[14]  Toshiaki Tanaka,et al.  A New (k, n)-Threshold Secret Sharing Scheme and Its Extension , 2008, ISC.

[15]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[16]  Victor Boyko,et al.  On the Security Properties of OAEP as an All-or-Nothing Transform , 1999, CRYPTO.

[17]  Hao Chen,et al.  Algebraic Geometric Secret Sharing Schemes and Secure Multi-Party Computations over Small Fields , 2006, CRYPTO.

[18]  Ronald L. Rivest,et al.  All-or-Nothing Encryption and the Package Transform , 1997, FSE.

[19]  Hugo Krawczyk Distributed fingerprints and secure information dispersal , 1993, PODC '93.

[20]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[21]  Martin Tompa,et al.  How to share a secret with cheaters , 1988, Journal of Cryptology.

[22]  Liqun Chen,et al.  Efficient, XOR-Based, Ideal (t, n)- threshold Schemes , 2016, CANS.

[23]  Hugo Krawczyk,et al.  Secret Sharing Made Short , 1994, CRYPTO.

[24]  Amos Beimel,et al.  Secret-Sharing Schemes: A Survey , 2011, IWCC.

[25]  Mihir Bellare,et al.  Robust computational secret sharing and a unified account of classical secret-sharing goals , 2007, CCS '07.

[26]  R. J. McEliece,et al.  On sharing secrets and Reed-Solomon codes , 1981, CACM.

[27]  James S. Plank,et al.  AONT-RS: Blending Security and Performance in Dispersed Storage Systems , 2011, FAST.

[28]  O. Antoine,et al.  Theory of Error-correcting Codes , 2022 .