Proactive Secret Sharing Or: How to Cope With Perpetual Leakage

Herzberg, Amir; Jarecki, Stanisław; Krawczyk, Hugo; Yung, Moti

doi:10.1007/3-540-44750-4_27

Cited by 474 publications

(496 citation statements)

References 14 publications

Supporting

Mentioning

472

Contrasting

Unclassified

Order By: Relevance

“…For example, verifiable secret-sharing (VSS) scheme [15][16][17] not only allows the shareholders to verify the validity of their received shares in the share generation and distribution phase but also allows the verification of the revealed shares in the secret reconstruction phase. In proactive secret-sharing schemes [29][30][31], shareholders can refresh their shares periodically without the dealer being involved, so that the shares obtained by the adversaries will become obsolete after the shares are updated. Moreover, the threshold can be dynamically adjusted when some shareholders join in or leave.…”

Section: Some Future Workmentioning

confidence: 99%

How to Share Secret Efficiently over Networks

Harn

Hsu

Xia

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

In a secret-sharing scheme, the secret is shared among a set of shareholders, and it can be reconstructed if a quorum of these shareholders work together by releasing their secret shares. However, in many applications, it is undesirable for nonshareholders to learn the secret. In these cases, pairwise secure channels are needed among shareholders to exchange the shares. In other words, a shared key needs to be established between every pair of shareholders. But employing an additional key establishment protocol may make the secret-sharing schemes significantly more complicated. To solve this problem, we introduce a new type of secret-sharing, called protected secret-sharing (PSS), in which the shares possessed by shareholders not only can be used to reconstruct the original secret but also can be used to establish the shared keys between every pair of shareholders. Therefore, in the secret reconstruction phase, the recovered secret is only available to shareholders but not to nonshareholders. In this paper, an information theoretically secure PSS scheme is proposed, its security properties are analyzed, and its computational complexity is evaluated. Moreover, our proposed PSS scheme also can be applied to threshold cryptosystems to prevent nonshareholders from learning the output of the protocols.

show abstract

Section: Some Future Workmentioning

confidence: 99%

How to Share Secret Efficiently over Networks

Harn

Hsu

Xia

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Periodic proactive refresh make it harder for an adversary to recover k shares of the secret key, since he must recover all k shares within one time period. The standard proactive refresh techniques of [30,24,17] used for ElGamal encryption also apply to our Threshold PKE.…”

Section: Extensionsmentioning

confidence: 99%

“…This approach was outlined in the full versions of [3] and [10] and here we flesh out the full details. In Section 6 we briefly discuss several extensions such as proactive refresh [30,24,17] and distributed key generation [31,21].…”

Section: Introductionmentioning

confidence: 99%

Chosen Ciphertext Secure Public Key Threshold Encryption Without Random Oracles

Boneh

Boyen²,

Halevi³

2006

Lecture Notes in Computer Science

107

120

View full text Add to dashboard Cite

show abstract

“…We propose a distributed certification authority based on threshold cryptography and proactive secret sharing [15], [16]. The traditional public key cryptosystem employed in [15], [16] is impractical for MANETs, as it imposes high computational and communication overhead.…”

Section: Elliptic Curve-based Distributed Certification Authoritymentioning

confidence: 99%

“…The traditional public key cryptosystem employed in [15], [16] is impractical for MANETs, as it imposes high computational and communication overhead. Therefore, we propose the use of ECC [17] to reduce this overhead for the mobile devices.…”

Section: Elliptic Curve-based Distributed Certification Authoritymentioning

confidence: 99%

Distributed CA-based PKI for Mobile Ad Hoc Networks Using Elliptic Curve Cryptography

Zouridaki

Mark

Gaj

et al. 2004

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The implementation of a standard PKI in a mobile ad hoc network (MANET) is not practical for several reasons: (1) lack of a fixed infrastructure; (2) a centralized certification authority (CA) represents a single point of failure in the network; (3) the relative locations and logical assignments of nodes vary in time; (4) nodes often have limited transmission and computational power, storage, and battery life. We propose a practical distributed CA-based PKI scheme for MANETs based on Elliptic Curve Cryptography (ECC) that overcomes these challenges. In this scheme, a relatively small number of mobile CA servers provide distributed service for the mobile nodes. The key elements of our approach include the use of threshold cryptography, clusterbased key management with mobile CA servers, and ECC. We show that the proposed scheme is resistant to a wide range of security attacks and can scale easily to networks of large size.

show abstract

Proactive Secret Sharing Or: How to Cope With Perpetual Leakage

Cited by 474 publications

References 14 publications

How to Share Secret Efficiently over Networks

How to Share Secret Efficiently over Networks

Chosen Ciphertext Secure Public Key Threshold Encryption Without Random Oracles

Distributed CA-based PKI for Mobile Ad Hoc Networks Using Elliptic Curve Cryptography

Contact Info

Product

Resources

About