In the domain of quantum cryptography,the implementation of quantum secret sharing stands as a pivotal element.In this paper,we propose a novel verifiable quantum secret sharing protocol using the d-dimensional produc...In the domain of quantum cryptography,the implementation of quantum secret sharing stands as a pivotal element.In this paper,we propose a novel verifiable quantum secret sharing protocol using the d-dimensional product state and Lagrange interpolation techniques.This protocol is initiated by the dealer Alice,who initially prepares a quantum product state,selected from a predefined set of orthogonal product states within the C~d■C~d framework.Subsequently,the participants execute unitary operations on this product state to recover the underlying secret.Furthermore,we subject the protocol to a rigorous security analysis,considering both eavesdropping attacks and potential dishonesty from the participants.Finally,we conduct a comparative analysis of our protocol against existing schemes.Our scheme exhibits economies of scale by exclusively employing quantum product states,thereby realizing significant cost-efficiency advantages.In terms of access structure,we adopt a(t, n)-threshold architecture,a strategic choice that augments the protocol's practicality and suitability for diverse applications.Furthermore,our protocol includes a rigorous integrity verification mechanism to ensure the honesty and reliability of the participants throughout the execution of the protocol.展开更多
This paper proposes a circular threshold quantum secret sharing (TQSS) scheme with polarized single photons. A polarized single photon sequence runs circularly among any t or more of n parties and any t or more of n...This paper proposes a circular threshold quantum secret sharing (TQSS) scheme with polarized single photons. A polarized single photon sequence runs circularly among any t or more of n parties and any t or more of n parties can reconstruct the secret key when they collaborate. It shows that entanglement is not necessary for quantum secret sharing. Moreover, the theoretic efficiency is improved to approach 100% as the single photons carrying the secret key are deterministically forwarded among any t or more of n parties, and each photon can carry one bit of information without quantum storage. This protocol is feasible with current technology.展开更多
Based on Shamir’s threshold secret sharing scheme and the discrete logarithm problem, a new (t, n) threshold secret sharing scheme is proposed in this paper. In this scheme, each participant’s secret shadow is selec...Based on Shamir’s threshold secret sharing scheme and the discrete logarithm problem, a new (t, n) threshold secret sharing scheme is proposed in this paper. In this scheme, each participant’s secret shadow is selected by the participant himself, and even the secret dealer cannot gain anything about his secret shadow. All the shadows are as short as the shared secret. Each participant can share many secrets with other partici- pants by holding only one shadow. Without extra equations and information designed for verification, each participant is able to check whether another participant provides the true information or not in the recovery phase. Unlike most of the existing schemes, it is unnecessary to maintain a secure channel between each par- ticipant and the dealer. Therefore, this scheme is very attractive, especially under the circumstances that there is no secure channel between the dealer and each participant at all. The security of this scheme is based on that of Shamir’s threshold scheme and the difficulty in solving the discrete logarithm problem. Analyses show that this scheme is a computationally secure and efficient scheme.展开更多
To address the problem that existing bipartite secret sharing scheme is short of dynamic characteristic, and to solve the problem that each participant can only use secret share once, this paper proposed a bipartite (...To address the problem that existing bipartite secret sharing scheme is short of dynamic characteristic, and to solve the problem that each participant can only use secret share once, this paper proposed a bipartite (n1+n2, m1+m2)-threshold multi-secret sharing scheme which combined cryptography and hypersphere geometry. In this scheme, we introduced a bivariate function and a coordinate function over finite field Zp to calculate the derived points of secret share, which can reconstruct the shared secrets by producing the intersection point of hypernormal plane and normal line on the hypertangent plane. At the initial stage the secret dealer distributes to each participant a secret share that can be kept secret based on the intractability of discrete logarithm problem and need not be changed with updating the shared secrets.Each cooperative participant only needs to submit a derived point calculated from the secret share without exposing this secret share during the process of reconstructing the shared secret. Analyses indicate that the proposed scheme is not only sound and secure because of hypersphere geometric properties and the difficulty of discrete logarithm problem, but also efficient because of its well dynamic behavior and the invariant secret share. Therefore, this bipartite threshold multi-secret sharing scheme is easy to implement and is applicable in practical settings.展开更多
A concept of secret sharing scheme with the function of assignment is proposed. It provides great capabilities for many practical applications. In this scheme, the dealer can randomly assign one or more than one parti...A concept of secret sharing scheme with the function of assignment is proposed. It provides great capabilities for many practical applications. In this scheme, the dealer can randomly assign one or more than one participant to get the secret at any time, but these participants can get nothing about the secret before that moment. At the same time, the other participants cannot get anything about the secret by stealing the secret value when it is transferred. However, if the dealer is lost, a certain number or more partidtmnts of them can reoonstruct the secret by ccoperating. In order to clear this concept, an illustrating scheme with geometry method and a practical scheme with algebra method is given.展开更多
In Shamir’s(t,n) threshold of the secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or mor...In Shamir’s(t,n) threshold of the secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or more than t shares;and (b) the secret cannot be obtained when there are fewer than t shares. In the secret reconstruction, participating users can be either legitimate shareholders or attackers. Shamir’s scheme only considers the situation when all participating users are legitimate shareholders. In this paper, we show that when there are more than t users participating and shares are released asynchronously in the secret reconstruction, an attacker can always release his share last. In such a way, after knowing t valid shares of legitimate shareholders, the attacker can obtain the secret and therefore, can successfully impersonate to be a legitimate shareholder without being detected. We propose a simple modification of Shamir’s scheme to fix this security problem. Threshold cryptography is a research of group-oriented applications based on the secret sharing scheme. We show that a similar security problem also exists in threshold cryptographic applications. We propose a modified scheme to fix this security problem as well.展开更多
Based on Shamir's secret sharing, a (t, n) multi-secret sharing scheme isproposed in this paper p secrets can be shared among n participants, and t or more participants canco-operate to reconstruct these secrets a...Based on Shamir's secret sharing, a (t, n) multi-secret sharing scheme isproposed in this paper p secrets can be shared among n participants, and t or more participants canco-operate to reconstruct these secrets at the same time, but t— 1 or fewerparticipants can derivenothing about these secrets. Each participant's secret shadow is as short as each secret. Comparedwith the existing schemes, the proposed scheme is characterized by the lower complexity of thesecret reconstruction and less public information. The security of this scheme is the same as thatof Shamir' a threshold scheme. Analyses show that this scheme is an efficient, computationallysecure scheme.展开更多
Recently, Chang et al. proposed a Sudoku-based secret image sharing scheme. They utilized the Sudoku grid to generate meaningful shadow images, and their scheme satisfied all essential requirements. Based on Chang et ...Recently, Chang et al. proposed a Sudoku-based secret image sharing scheme. They utilized the Sudoku grid to generate meaningful shadow images, and their scheme satisfied all essential requirements. Based on Chang et al.'s scheme, we propose a novel (n, n) secret image sharing scheme based on Sudoku. In the proposed scheme, a secret image can be shared among n different cover images by generating n shadow images, and the secret image can be reconstructed without distortion using only these n shadow images. Also, the proposed scheme can solve the overflow and underflow problems. The experimental results show that the visual quality of the shadow images is satisfactory. Furthermore, the proposed scheme allows for a large embedding capacity.展开更多
Verifiable secret sharing is a special kind of secret sharing. In this paper, A secure and efficient threshold secret sharing scheme is proposed by using the plane parametric curve on the basis of the principle of sec...Verifiable secret sharing is a special kind of secret sharing. In this paper, A secure and efficient threshold secret sharing scheme is proposed by using the plane parametric curve on the basis of the principle of secret sharing. And the performance of this threshold scheme is analyzed. The results reveal that the threshold scheme has its own advantage of one-parameter representation for a master key, and it is a perfect ideal secret sharing scheme. It can easily detect cheaters by single operation in the participants so that the probability of valid cheating is less than 1/<em>p</em> (where <em>p</em> is a large prime).展开更多
A (t, n)--secret sharing scheme is a method of distribution of information among n participants such that t 〉 1 can reconstruct the secret but (t - 1) cannot. We explore some (k, n)--secret sharing schemes base...A (t, n)--secret sharing scheme is a method of distribution of information among n participants such that t 〉 1 can reconstruct the secret but (t - 1) cannot. We explore some (k, n)--secret sharing schemes based on the finite fields.展开更多
The main purpose of verifiable secret sharing scheme is to solve the honesty problem of participants. In this paper, the concept of nonzero <em>k</em>-submatrix and theresidual vector of system of hyperpla...The main purpose of verifiable secret sharing scheme is to solve the honesty problem of participants. In this paper, the concept of nonzero <em>k</em>-submatrix and theresidual vector of system of hyperplane intersecting line equations is proposed. Based on certain projective transformations in projective space, a verifiable (<em>t</em>, <em>n</em>)-threshold secret sharing scheme is designed by using the structure of solutions of linear equations and the difficulty of solving discrete logarithm problems. The results show that this scheme can verify the correctness of the subkey provided by each participant before the reconstruction of the master key, and can effectively identify the fraudster. The fraudster can only cheat by guessing and the probability of success is only 1/<em>p</em>. The design of the scheme is exquisite and the calculation complexity is small. Each participant only needs to hold a subkey, which is convenient for management and use. The analysis shows that the scheme in this paper meets the security requirements and rules of secret sharing, and it is a computationally secure and effective scheme with good practical value.展开更多
The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme...The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.展开更多
In this paper, by using properties of quantum controlled-not manipulation and entanglement states, we have designed a novel (2, 3) quantum threshold scheme based on the Greenberger- Horne -Zeilinger (GHZ) state. T...In this paper, by using properties of quantum controlled-not manipulation and entanglement states, we have designed a novel (2, 3) quantum threshold scheme based on the Greenberger- Horne -Zeilinger (GHZ) state. The proposed scheme involves two phases, i.e. a secret sharing phase and a secret phase. Detailed proofs show that the proposed scheme is of unconditional security. Since the secret is shared among three participants, the proposed scheme may be applied to quantum key distribution and secret sharing.展开更多
Based on tht difficulty of solving the ECDLP (elliptic curve discretelogarithm problem) on the finite field, we present a (t, n) threshold signature scheme and averifiable key agreement scheme without trusted party. A...Based on tht difficulty of solving the ECDLP (elliptic curve discretelogarithm problem) on the finite field, we present a (t, n) threshold signature scheme and averifiable key agreement scheme without trusted party. Applying a modified elliptic curve signatureequation, we gel a more efficient signature scheme than the existing ECDSA (elliptic curve digitalsignature algorithm) from the computability and security view. Our scheme has a shorter key, fastercomputation, and better security.展开更多
This paper proposes a new proactive weighted threshold signature scheme based on Iflene's general secret sharing, the generalized Chinese remainder theorem, and the RSA threshold signature, which is itself based on t...This paper proposes a new proactive weighted threshold signature scheme based on Iflene's general secret sharing, the generalized Chinese remainder theorem, and the RSA threshold signature, which is itself based on the Chinese reminder theorem. In our scheme, group members are divided into different subgroups, and a positive weight is associated to each subgroup, where all members of the same subgroup have the same weight. The group signature can be generated if and only if the sum of the weights of members involved is greater than or equal to a fixed threshold value. Meanwhile, the private key of the group members and the public key of the group can be updated periodically by performing a simple operation aimed at refreshing the group signature message. This periodical refreshed individual signature message can enhance the security of the proposed weighted threshold signature scheme.展开更多
Threshold signature is an important branch of the digital signature scheme,which can distribute signature rights and avoid the abuse of signature rights.With the continuous development of quantum computation and quant...Threshold signature is an important branch of the digital signature scheme,which can distribute signature rights and avoid the abuse of signature rights.With the continuous development of quantum computation and quantum information,quantum threshold signatures are gradually becoming more popular.Recently,a quantum(t,n)threshold group signature scheme was analyzed that uses techniques such as quantum-controlled-not operation and quantum teleportation.However,this scheme cannot resist forgery attack and does not conform to the design of a threshold signature in the signing phase.Based on the original scheme,we propose an improved quantum(t,n)threshold signature scheme using quantum(t,n)threshold secret sharing technology.The analysis proves that the improved scheme can resist forgery attack and collusion attack,and it is undeniable.At the same time,this scheme reduces the level of trust in the arbitrator during the signature phase.展开更多
The collaboration of at least a threshold number of secret shareholders in a threshold secret sharing scheme is a strict requirement to ensure its intended functionality. Due to its promising characteristics, such a s...The collaboration of at least a threshold number of secret shareholders in a threshold secret sharing scheme is a strict requirement to ensure its intended functionality. Due to its promising characteristics, such a scheme has been proposed to solve a range of security problems in mobile ad hoc networks. However, discovering a sufficient number of secret shareholders in such dynamic and unpredictable networks is not easy. In this paper, we propose a more efficient shareholder discovery mechanism compared to our previous work. The discovery process is performed in a multihop fashion to adapt to the mobile ad hoc network environment. We introduce batch extension that gradually extends the shareholders' collaboration boundary by more than one hop at a time around the service requestor, to find at least the threshold number of the unknown shareholders. Through the batch extension, reply aggregation is applicable, hence reducing the redundancy use of reply routes, decreasing the required packet transmission, and lessening the service delay, compared to the previously proposed mechanism. Our simulation results show that, with the appropriate batch size, the latest mechanism is more efficient with an insignificant increase of control overhead.展开更多
基金supported by the National Natural Science Foundation of China(Grant No.12301590)the Natural Science Foundation of Hebei Province(Grant No.A2022210002)。
文摘In the domain of quantum cryptography,the implementation of quantum secret sharing stands as a pivotal element.In this paper,we propose a novel verifiable quantum secret sharing protocol using the d-dimensional product state and Lagrange interpolation techniques.This protocol is initiated by the dealer Alice,who initially prepares a quantum product state,selected from a predefined set of orthogonal product states within the C~d■C~d framework.Subsequently,the participants execute unitary operations on this product state to recover the underlying secret.Furthermore,we subject the protocol to a rigorous security analysis,considering both eavesdropping attacks and potential dishonesty from the participants.Finally,we conduct a comparative analysis of our protocol against existing schemes.Our scheme exhibits economies of scale by exclusively employing quantum product states,thereby realizing significant cost-efficiency advantages.In terms of access structure,we adopt a(t, n)-threshold architecture,a strategic choice that augments the protocol's practicality and suitability for diverse applications.Furthermore,our protocol includes a rigorous integrity verification mechanism to ensure the honesty and reliability of the participants throughout the execution of the protocol.
基金Project supported by the National Basic Research Program of China (973 Program) (Grant No 2007CB311100)the National High Technology Research and Development Program of China (Grant Nos 2006AA01Z419 and 20060101Z4015)+5 种基金the Major Research plan of the National Natural Science Foundation of China (Grant No 90604023)2008 Scientific Research Common Program of Beijing Municipal Commission of Educationthe Scientific Research Foundation for the Youth of Beijing University of Technology(Grant No 97007016200701)the National Research Foundation for the Doctoral Program of Higher Education of China (Grant No20040013007)the National Laboratory for Modern Communications Science Foundation of China (Grant No 9140C1101010601)the Doctor Scientific Research Activation Foundation of Beijing University of Technology (Grant No 52007016200702)
文摘This paper proposes a circular threshold quantum secret sharing (TQSS) scheme with polarized single photons. A polarized single photon sequence runs circularly among any t or more of n parties and any t or more of n parties can reconstruct the secret key when they collaborate. It shows that entanglement is not necessary for quantum secret sharing. Moreover, the theoretic efficiency is improved to approach 100% as the single photons carrying the secret key are deterministically forwarded among any t or more of n parties, and each photon can carry one bit of information without quantum storage. This protocol is feasible with current technology.
基金Supported by the 973 Project of China(G19990358?04)
文摘Based on Shamir’s threshold secret sharing scheme and the discrete logarithm problem, a new (t, n) threshold secret sharing scheme is proposed in this paper. In this scheme, each participant’s secret shadow is selected by the participant himself, and even the secret dealer cannot gain anything about his secret shadow. All the shadows are as short as the shared secret. Each participant can share many secrets with other partici- pants by holding only one shadow. Without extra equations and information designed for verification, each participant is able to check whether another participant provides the true information or not in the recovery phase. Unlike most of the existing schemes, it is unnecessary to maintain a secure channel between each par- ticipant and the dealer. Therefore, this scheme is very attractive, especially under the circumstances that there is no secure channel between the dealer and each participant at all. The security of this scheme is based on that of Shamir’s threshold scheme and the difficulty in solving the discrete logarithm problem. Analyses show that this scheme is a computationally secure and efficient scheme.
文摘To address the problem that existing bipartite secret sharing scheme is short of dynamic characteristic, and to solve the problem that each participant can only use secret share once, this paper proposed a bipartite (n1+n2, m1+m2)-threshold multi-secret sharing scheme which combined cryptography and hypersphere geometry. In this scheme, we introduced a bivariate function and a coordinate function over finite field Zp to calculate the derived points of secret share, which can reconstruct the shared secrets by producing the intersection point of hypernormal plane and normal line on the hypertangent plane. At the initial stage the secret dealer distributes to each participant a secret share that can be kept secret based on the intractability of discrete logarithm problem and need not be changed with updating the shared secrets.Each cooperative participant only needs to submit a derived point calculated from the secret share without exposing this secret share during the process of reconstructing the shared secret. Analyses indicate that the proposed scheme is not only sound and secure because of hypersphere geometric properties and the difficulty of discrete logarithm problem, but also efficient because of its well dynamic behavior and the invariant secret share. Therefore, this bipartite threshold multi-secret sharing scheme is easy to implement and is applicable in practical settings.
基金This project was supported by Liuhui Applied Mathematics Center of Nankai University .
文摘A concept of secret sharing scheme with the function of assignment is proposed. It provides great capabilities for many practical applications. In this scheme, the dealer can randomly assign one or more than one participant to get the secret at any time, but these participants can get nothing about the secret before that moment. At the same time, the other participants cannot get anything about the secret by stealing the secret value when it is transferred. However, if the dealer is lost, a certain number or more partidtmnts of them can reoonstruct the secret by ccoperating. In order to clear this concept, an illustrating scheme with geometry method and a practical scheme with algebra method is given.
文摘In Shamir’s(t,n) threshold of the secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or more than t shares;and (b) the secret cannot be obtained when there are fewer than t shares. In the secret reconstruction, participating users can be either legitimate shareholders or attackers. Shamir’s scheme only considers the situation when all participating users are legitimate shareholders. In this paper, we show that when there are more than t users participating and shares are released asynchronously in the secret reconstruction, an attacker can always release his share last. In such a way, after knowing t valid shares of legitimate shareholders, the attacker can obtain the secret and therefore, can successfully impersonate to be a legitimate shareholder without being detected. We propose a simple modification of Shamir’s scheme to fix this security problem. Threshold cryptography is a research of group-oriented applications based on the secret sharing scheme. We show that a similar security problem also exists in threshold cryptographic applications. We propose a modified scheme to fix this security problem as well.
文摘Based on Shamir's secret sharing, a (t, n) multi-secret sharing scheme isproposed in this paper p secrets can be shared among n participants, and t or more participants canco-operate to reconstruct these secrets at the same time, but t— 1 or fewerparticipants can derivenothing about these secrets. Each participant's secret shadow is as short as each secret. Comparedwith the existing schemes, the proposed scheme is characterized by the lower complexity of thesecret reconstruction and less public information. The security of this scheme is the same as thatof Shamir' a threshold scheme. Analyses show that this scheme is an efficient, computationallysecure scheme.
基金supported by the National Natural Science Foundation of China Under Grant No.61272374 and No.61272371
文摘Recently, Chang et al. proposed a Sudoku-based secret image sharing scheme. They utilized the Sudoku grid to generate meaningful shadow images, and their scheme satisfied all essential requirements. Based on Chang et al.'s scheme, we propose a novel (n, n) secret image sharing scheme based on Sudoku. In the proposed scheme, a secret image can be shared among n different cover images by generating n shadow images, and the secret image can be reconstructed without distortion using only these n shadow images. Also, the proposed scheme can solve the overflow and underflow problems. The experimental results show that the visual quality of the shadow images is satisfactory. Furthermore, the proposed scheme allows for a large embedding capacity.
文摘Verifiable secret sharing is a special kind of secret sharing. In this paper, A secure and efficient threshold secret sharing scheme is proposed by using the plane parametric curve on the basis of the principle of secret sharing. And the performance of this threshold scheme is analyzed. The results reveal that the threshold scheme has its own advantage of one-parameter representation for a master key, and it is a perfect ideal secret sharing scheme. It can easily detect cheaters by single operation in the participants so that the probability of valid cheating is less than 1/<em>p</em> (where <em>p</em> is a large prime).
文摘A (t, n)--secret sharing scheme is a method of distribution of information among n participants such that t 〉 1 can reconstruct the secret but (t - 1) cannot. We explore some (k, n)--secret sharing schemes based on the finite fields.
文摘The main purpose of verifiable secret sharing scheme is to solve the honesty problem of participants. In this paper, the concept of nonzero <em>k</em>-submatrix and theresidual vector of system of hyperplane intersecting line equations is proposed. Based on certain projective transformations in projective space, a verifiable (<em>t</em>, <em>n</em>)-threshold secret sharing scheme is designed by using the structure of solutions of linear equations and the difficulty of solving discrete logarithm problems. The results show that this scheme can verify the correctness of the subkey provided by each participant before the reconstruction of the master key, and can effectively identify the fraudster. The fraudster can only cheat by guessing and the probability of success is only 1/<em>p</em>. The design of the scheme is exquisite and the calculation complexity is small. Each participant only needs to hold a subkey, which is convenient for management and use. The analysis shows that the scheme in this paper meets the security requirements and rules of secret sharing, and it is a computationally secure and effective scheme with good practical value.
文摘The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.
基金Project supported by the National Natural Science Foundation of China (Grant No 60472018).
文摘In this paper, by using properties of quantum controlled-not manipulation and entanglement states, we have designed a novel (2, 3) quantum threshold scheme based on the Greenberger- Horne -Zeilinger (GHZ) state. The proposed scheme involves two phases, i.e. a secret sharing phase and a secret phase. Detailed proofs show that the proposed scheme is of unconditional security. Since the secret is shared among three participants, the proposed scheme may be applied to quantum key distribution and secret sharing.
文摘Based on tht difficulty of solving the ECDLP (elliptic curve discretelogarithm problem) on the finite field, we present a (t, n) threshold signature scheme and averifiable key agreement scheme without trusted party. Applying a modified elliptic curve signatureequation, we gel a more efficient signature scheme than the existing ECDSA (elliptic curve digitalsignature algorithm) from the computability and security view. Our scheme has a shorter key, fastercomputation, and better security.
基金supported by the National Natural Science Foundation of China under Grant No. 61103233
文摘This paper proposes a new proactive weighted threshold signature scheme based on Iflene's general secret sharing, the generalized Chinese remainder theorem, and the RSA threshold signature, which is itself based on the Chinese reminder theorem. In our scheme, group members are divided into different subgroups, and a positive weight is associated to each subgroup, where all members of the same subgroup have the same weight. The group signature can be generated if and only if the sum of the weights of members involved is greater than or equal to a fixed threshold value. Meanwhile, the private key of the group members and the public key of the group can be updated periodically by performing a simple operation aimed at refreshing the group signature message. This periodical refreshed individual signature message can enhance the security of the proposed weighted threshold signature scheme.
基金the National Natural Science Foundation of China(Grant Nos.61771294 and 61972235)。
文摘Threshold signature is an important branch of the digital signature scheme,which can distribute signature rights and avoid the abuse of signature rights.With the continuous development of quantum computation and quantum information,quantum threshold signatures are gradually becoming more popular.Recently,a quantum(t,n)threshold group signature scheme was analyzed that uses techniques such as quantum-controlled-not operation and quantum teleportation.However,this scheme cannot resist forgery attack and does not conform to the design of a threshold signature in the signing phase.Based on the original scheme,we propose an improved quantum(t,n)threshold signature scheme using quantum(t,n)threshold secret sharing technology.The analysis proves that the improved scheme can resist forgery attack and collusion attack,and it is undeniable.At the same time,this scheme reduces the level of trust in the arbitrator during the signature phase.
文摘The collaboration of at least a threshold number of secret shareholders in a threshold secret sharing scheme is a strict requirement to ensure its intended functionality. Due to its promising characteristics, such a scheme has been proposed to solve a range of security problems in mobile ad hoc networks. However, discovering a sufficient number of secret shareholders in such dynamic and unpredictable networks is not easy. In this paper, we propose a more efficient shareholder discovery mechanism compared to our previous work. The discovery process is performed in a multihop fashion to adapt to the mobile ad hoc network environment. We introduce batch extension that gradually extends the shareholders' collaboration boundary by more than one hop at a time around the service requestor, to find at least the threshold number of the unknown shareholders. Through the batch extension, reply aggregation is applicable, hence reducing the redundancy use of reply routes, decreasing the required packet transmission, and lessening the service delay, compared to the previously proposed mechanism. Our simulation results show that, with the appropriate batch size, the latest mechanism is more efficient with an insignificant increase of control overhead.
