TY - GEN
T1 - Proactive Secret Sharing with a dishonest majority
AU - Dolev, Shlomi
AU - ElDefrawy, Karim
AU - Lampkins, Joshua
AU - Ostrovsky, Rafail
AU - Yung, Moti
N1 - Publisher Copyright:
© Springer International Publishing Switzerland 2016.
PY - 2016/1/1
Y1 - 2016/1/1
N2 - In standard Secret Sharing (SS) a dealer shares a secret s among n parties such that an adversary corrupting no more than t parties does not learn s, while any t + 1 parties can efficiently recover s. Over a long period of time all parties may be corrupted and the threshold t may be violated, which is accounted for in Proactive Secret Sharing (PSS). PSS retains confidentiality even when a mobile adversary corrupts all parties over the lifetime of the secret, but no more than a threshold t during a certain window of time, called the refresh period. Existing PSS schemes only guarantee secrecy in the presence of an honest majority with at most n/2 − 1 total corruptions during such a refresh period; an adversary that corrupts a single additional party beyond the n/2 − 1 threshold, even if only passively and only temporarily, obtains the secret. We develop the first PSS scheme secure in the presence of a dishonest majority. Our PSS scheme is robust and secure against t < n − 2 passive adversaries when there are no active corruptions, and secure but nonrobust (but with identifiable aborts) against t < n/2 − 1 active adversaries when there are no additional passive corruptions. The scheme is also secure (with identifiable aborts) against mixed adversaries controlling a combination of passively and actively corrupted parties such that if there are k active corruptions there are less than n − k − 2 total corruptions. Our scheme achieves these high thresholds with O(n^4) communication when sharing a single secret. We also observe that communication may be reduced to O(n^3) when sharing O(n) secrets in batches. Our work is the first result demonstrating that PSS tolerating such high thresholds and mixed adversaries is possible.
UR - http://www.scopus.com/inward/record.url?scp=84984861356&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-44618-9_28
DO - 10.1007/978-3-319-44618-9_28
M3 - Conference contribution
AN - SCOPUS:84984861356
SN - 9783319446172
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 529
EP - 548
BT - Security and Cryptography for Networks - 10th International Conference, SCN 2016, Proceedings
A2 - De Prisco, Roberto
A2 - Zikas, Vassilis
PB - Springer Verlag
T2 - 10th International Conference on Security and Cryptography for Networks, SCN 2016
Y2 - 31 August 2016 through 2 September 2016
ER -