Abstract: In Shamir’s (t,n) threshold secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or more than t shares; and (b) the secret cannot be obtained when there are fewer than t shares. In the secret reconstruction, participating users can be either legitimate shareholders or attackers. Shamir’s scheme only considers the situation when all participating users are legitimate shareholders. In this paper, we show that when there are more than t users participating and shares are released asynchronously in the secret reconstruction, an attacker can always release his share last. In such a way, after knowing t valid shares of legitimate shareholders, the attacker can obtain the secret and therefore can successfully impersonate a legitimate shareholder without being detected. We propose a simple modification of Shamir’s scheme to fix this security problem. Threshold cryptography is the study of group-oriented applications based on the secret sharing scheme. We show that a similar security problem also exists in threshold cryptographic applications. We propose a modified scheme to fix this security problem as well.
Funding: This work is supported by the National Natural Science Foundation of China (under grant 61902163), the Natural Science Foundation of the Jiangsu Higher Education Institutions of China (under grants 17KJD520003, 19KJB520033), and the Research Startup Foundation of Jinling Institute of Technology (under grants JIT-B-201639, JIT-B-201726, JIT-B-202001).
Abstract: Physical Unclonable Functions (PUFs) can be seen as a kind of hardware one-way function that is easily fabricated but difficult to clone, duplicate or predict. Therefore, PUFs, with their unclonable and unpredictable properties, are well suited to designing lightweight cryptographic protocols. In this paper, a Basic Key Distribution Scheme (Basic-KDS) based on PUFs is first proposed. Then, by employing different deployment modes, a Random Deployment Key Distribution Scheme (RD-KDS) and a Grouping Deployment Key Distribution Scheme (GD-KDS) are further proposed based on the Basic-KDS for large-scale wireless sensor networks. In our proposals, a sensor is not pre-distributed with any keys but generates one with the embedded PUF when receiving a challenge from the gateway, which provides perfect resilience against sensor capture attacks. In addition, the unclonable and unpredictable properties of the PUF guarantee key uniqueness and two-way authentication. Analysis and experimental results show that our proposals perform better in resilience, secure-connectivity, and efficiency compared to other schemes.
Funding: This work was supported by Funding of Jiangsu Innovation Program for Graduate Education KYLX_0285, the National Natural Science Foundation of China (No. 61602241), the Natural Science Foundation of Jiangsu Province (No. BK20150758), and the pre-study fund of PLA University of Science and Technology.
Abstract: In the era of big data, the conflict between data mining and data privacy protection is increasing day by day. Traditional information security focuses on protecting the security of attribute values without semantic association. The data privacy of big data is mainly reflected in the effective use of data without exposing the user’s sensitive information. Considering the semantic association, reasonable security access for privacy protection is required. Semi-structured and self-descriptive XML (eXtensible Markup Language) has become a common form of data organization for database management in big data environments. Based on the semantic integration nature of XML data, this paper proposes a data access control model for individual users. Through the semantic dependency between data and the integration process from bottom to top, the global visual range of the inverted XML structure is realized. Experimental results show that the model effectively protects privacy and has high access efficiency.
Funding: This work was partially supported by the National Natural Science Foundation of China (Grants Nos. 61772224, 62072133), the Fundamental Research Funds for the Central Universities (CCNU19TS019), the Research Planning Project of National Language Committee (YB135-40), and the key projects of Guangxi Natural Science Foundation (2018GXNSFDA281040). Lein Harn, Chingfang Hsu and Zhe Xia contributed equally to this work.
Abstract: A (t,n) threshold secret sharing scheme is a fundamental tool in many security applications such as cloud computing and multiparty computing. In conventional threshold secret sharing schemes, like Shamir’s scheme based on a univariate polynomial, an additional communication key share scheme is needed for shareholders to protect the secrecy of their shares if secret reconstruction is performed over a network. In the secret reconstruction, threshold changeable secret sharing (TCSS) allows the threshold to be a dynamic value, so that if some shares have been compromised in a given time, more shares are needed to reconstruct the secret. Recently, a new secret sharing scheme based on a bivariate polynomial was proposed in which shares generated initially by a dealer can be used not only to reconstruct the secret but also to protect the secrecy of shares when the secret reconstruction is performed over a network. In this paper, we further extend this scheme to enable it to be a TCSS without any modification. Our proposed TCSS is dealer-free and non-interactive. Shares generated by a dealer in our scheme can serve three purposes: (a) to reconstruct a secret; (b) to protect the secrecy of shares if secret reconstruction is performed over a network; and (c) to enable the threshold changeable property.