论文标题:两类广义秘密共享方案的研究与设计
Research and Design of Two Kinds of General Secret Sharing Scheme
论文作者
论文导师 张建中,论文学位 硕士,论文专业 应用数学
论文单位 陕西师范大学,点击次数 74,论文页数 58页File Size2348K
2007-04-01论文网 http://www.lw23.com/lunwen_436073677/
cryptology; secret sharing; general secret sharing; security
秘密共享体制是现代密码学领域的一个非常重要的分支,也是信息安全方面的一个重要研究内容。第一个秘密共享方案是(t,n)门限秘密共享方案,在门限秘密共享方案中是把一个秘密分成若干部分(子秘密)给多个参与者掌管,这些参与者中所有达到门限个数或门限以上个数的参与者所构成的子集可以重构这个秘密。门限方案在无形中增加了各参与者具有完全平等的地位权利和可靠性的假设,然而在现实世界里,这样的假设往往难以得到满足。因此,对具有更广泛的适用性的一般接入结构上的秘密共享和可验证秘密共享(即广义秘密共享和广义可验证秘密共享)的研究不仅具有重要的理论意义,而且具有重要的现实意义。 本文主要总结学习了广义秘密共享的发展过程及现状,发现现有的文献对广义秘密共享的研究较少,并且已有的方案在子秘密的重复使用、成员增删、成员欺骗和方案效率等方面存在一些问题。本文针对这些问题,利用已有的知识,设计了几个相对安全高效的广义秘密共享方案。本文的主要研究成果如下: 1.对刘焕平等人给出的特殊的广义秘密共享方案的安全性和性能做了详细的分析,然后将ElGamal数字签名方案应用到该方案中,给出了一个能够防止参与者欺骗的特殊的广义秘密共享方案。 2.针对1中给出的方案在计算量、公开参数等方面存在的问题,分别基于RSA公钥密码体制、LUC公钥密码体制设计了两个相对高效的特殊的广义秘密共享方案,具备以下性质:子秘密由各参与者自己选取,分发者不知道每个参与者所持有的子秘密。在秘密恢复过程中,每位参与者能够验证其他参与者是否进行了欺骗,每位参与者只需维护一个子秘密,就可以实现对多个秘密的共享。 3.分析并发现已有的广义(t,n)门限秘密共享方案的设计缺陷,在此基础上基于Shamir(t,n)门限秘密共享方案的安全性、离散对数问题的困难性和LUC公钥密码体制的特点,给出一个(t_1,n_1;t_2,n_2;…;t_k,n_k)方案,两个t-(t_1,n_1;t_2,n_2;…;t_k,n_k)方案。这些方案可同时防止秘密分发者的欺诈和参与者之间的相互欺诈,参与者的子秘密可以重复使用,可以共享任意多个秘密,并且方案的安全性不会降低。
Secret sharing scheme is an important branch of modern cryptographyand research field of information security. The first secret sharing scheme is a (t,n)threshold secret sharing scheme. In the scheme, the dealer first splits the secret into ndifferent pieces, called shadows, which are given to the participants over a secretchannel. At least t or more participants can use their shadows to collaborativelyreconstruct the secret, but only t-1 or fewer participants will not be enough. Theassumption that every participant have the completely equal position and authority isadded to threshold scheme virtually, but the real world often can"t meet the demand ofsuch assumption. Therefore, research of secret sharing scheme based on general accessstructure not only has important theory meaning but also have important realisticmeanings. This dissertation reviews the research advances and the current situation of generalsecret sharing, discovers that available documents has little research on general secretsharing scheme and some of that also has problems on the repeated use of shadow,member addition and deletion, member deception, scheme efficiency. Aiming at theseproblems, this paper presents design several relatively secure and efficiency generalsecret sharing schemes based on the known knowledge. Main contributions of this paperare summarized as follows: 1. Analyzed security and efficiency of the special general secret sharing schemegiven by Liu Huanping et al, pointed out the flaws in security, applied ElGamalsignature scheme into this scheme, designed a special general secret sharing schemewhich can detect the deception of the participants, but there are still some problems inthis scheme, such as computational complexity, public parameters. 2. Two special general secret sharing schemes based on the property of discretelogarithm and LUC crypto system was given. In these schemes, each participant"s secretshadow was selected by the participant himself and even the dealer did not knowanything about his secret shadows. In the recovery phase, each participant was allowedto check whether another participant provided the true information or not. Eachparticipant can share many secrets with other participants by holding only one shadow. 3. Analyzed and proved the design flaws of the generalized (t,n)threshold secretsharing schemes, designed one (t_1,n_1;…;t_k,n_k)scheme, two t-(t_1,n_1;…;t_k,n_k)schemes. In these schemes, each participant is allowed to check whether anotherparticipant provided the true information or not, the shadows of participants can bereused, many secrets can be shared in one scheme and the security of the originalscheme cannot be descended.
|
