To address the problem that existing bipartite secret sharing scheme is short of dynamic characteristic, and to solve the problem that each participant can only use secret share once, this paper proposed a bipartite (...To address the problem that existing bipartite secret sharing scheme is short of dynamic characteristic, and to solve the problem that each participant can only use secret share once, this paper proposed a bipartite (n1+n2, m1+m2)-threshold multi-secret sharing scheme which combined cryptography and hypersphere geometry. In this scheme, we introduced a bivariate function and a coordinate function over finite field Zp to calculate the derived points of secret share, which can reconstruct the shared secrets by producing the intersection point of hypernormal plane and normal line on the hypertangent plane. At the initial stage the secret dealer distributes to each participant a secret share that can be kept secret based on the intractability of discrete logarithm problem and need not be changed with updating the shared secrets.Each cooperative participant only needs to submit a derived point calculated from the secret share without exposing this secret share during the process of reconstructing the shared secret. Analyses indicate that the proposed scheme is not only sound and secure because of hypersphere geometric properties and the difficulty of discrete logarithm problem, but also efficient because of its well dynamic behavior and the invariant secret share. Therefore, this bipartite threshold multi-secret sharing scheme is easy to implement and is applicable in practical settings.展开更多
In the domain of quantum cryptography,the implementation of quantum secret sharing stands as a pivotal element.In this paper,we propose a novel verifiable quantum secret sharing protocol using the d-dimensional produc...In the domain of quantum cryptography,the implementation of quantum secret sharing stands as a pivotal element.In this paper,we propose a novel verifiable quantum secret sharing protocol using the d-dimensional product state and Lagrange interpolation techniques.This protocol is initiated by the dealer Alice,who initially prepares a quantum product state,selected from a predefined set of orthogonal product states within the C~d■C~d framework.Subsequently,the participants execute unitary operations on this product state to recover the underlying secret.Furthermore,we subject the protocol to a rigorous security analysis,considering both eavesdropping attacks and potential dishonesty from the participants.Finally,we conduct a comparative analysis of our protocol against existing schemes.Our scheme exhibits economies of scale by exclusively employing quantum product states,thereby realizing significant cost-efficiency advantages.In terms of access structure,we adopt a(t, n)-threshold architecture,a strategic choice that augments the protocol's practicality and suitability for diverse applications.Furthermore,our protocol includes a rigorous integrity verification mechanism to ensure the honesty and reliability of the participants throughout the execution of the protocol.展开更多
A multi-proxy quantum group signature scheme with threshold shared verification is proposed. An original signer may authorize a proxy group as his proxy agent. Then only the cooperation of all the signers in the proxy...A multi-proxy quantum group signature scheme with threshold shared verification is proposed. An original signer may authorize a proxy group as his proxy agent. Then only the cooperation of all the signers in the proxy group can generate the proxy signature on behalf of the original signer. In the scheme, any t or more of n receivers can verify the message and any t - 1 or fewer receivers cannot verify the validity of the proxy signature.展开更多
This paper proposes a circular threshold quantum secret sharing (TQSS) scheme with polarized single photons. A polarized single photon sequence runs circularly among any t or more of n parties and any t or more of n...This paper proposes a circular threshold quantum secret sharing (TQSS) scheme with polarized single photons. A polarized single photon sequence runs circularly among any t or more of n parties and any t or more of n parties can reconstruct the secret key when they collaborate. It shows that entanglement is not necessary for quantum secret sharing. Moreover, the theoretic efficiency is improved to approach 100% as the single photons carrying the secret key are deterministically forwarded among any t or more of n parties, and each photon can carry one bit of information without quantum storage. This protocol is feasible with current technology.展开更多
Based on Shamir's secret sharing, a (t, n) multi-secret sharing scheme isproposed in this paper p secrets can be shared among n participants, and t or more participants canco-operate to reconstruct these secrets a...Based on Shamir's secret sharing, a (t, n) multi-secret sharing scheme isproposed in this paper p secrets can be shared among n participants, and t or more participants canco-operate to reconstruct these secrets at the same time, but t— 1 or fewerparticipants can derivenothing about these secrets. Each participant's secret shadow is as short as each secret. Comparedwith the existing schemes, the proposed scheme is characterized by the lower complexity of thesecret reconstruction and less public information. The security of this scheme is the same as thatof Shamir' a threshold scheme. Analyses show that this scheme is an efficient, computationallysecure scheme.展开更多
Based on Shamir’s threshold secret sharing scheme and the discrete logarithm problem, a new (t, n) threshold secret sharing scheme is proposed in this paper. In this scheme, each participant’s secret shadow is selec...Based on Shamir’s threshold secret sharing scheme and the discrete logarithm problem, a new (t, n) threshold secret sharing scheme is proposed in this paper. In this scheme, each participant’s secret shadow is selected by the participant himself, and even the secret dealer cannot gain anything about his secret shadow. All the shadows are as short as the shared secret. Each participant can share many secrets with other partici- pants by holding only one shadow. Without extra equations and information designed for verification, each participant is able to check whether another participant provides the true information or not in the recovery phase. Unlike most of the existing schemes, it is unnecessary to maintain a secure channel between each par- ticipant and the dealer. Therefore, this scheme is very attractive, especially under the circumstances that there is no secure channel between the dealer and each participant at all. The security of this scheme is based on that of Shamir’s threshold scheme and the difficulty in solving the discrete logarithm problem. Analyses show that this scheme is a computationally secure and efficient scheme.展开更多
A proxy multisignature scheme with (t, m) threshold shared verification is first proposed based on elliptic curve. In proposed scheme, a proxy signer can sign a message on behalf of n original signers for specific g...A proxy multisignature scheme with (t, m) threshold shared verification is first proposed based on elliptic curve. In proposed scheme, a proxy signer can sign a message on behalf of n original signers for specific group of verifiers and only any t or more verifiers together in the specific group of verifiers are able to verify the validity of the proxy multisignature on behalf of the group of specific verifiers, but t-1 or fewer verifiers can not. Since the proposed scheme is constructed based on elliptic curve, it requires smaller bandwidth and achieves more secrecy of data transmission; it is more etffcient for signature and verification etc.展开更多
A threshold scheme, which is introduced by Shamir in 1979, is very famous as a secret sharing scheme. We can consider that this scheme is based on Lagrange's interpolation formula. A secret sharing scheme has one key...A threshold scheme, which is introduced by Shamir in 1979, is very famous as a secret sharing scheme. We can consider that this scheme is based on Lagrange's interpolation formula. A secret sharing scheme has one key. On the other hand, a multi-secret sharing scheme has more than one key, that is, a multi-secret sharing scheme has p (〉_ 2) keys. Dealer distribute shares of keys among n participants. Gathering t (〈 n) participants, keys can be reconstructed. Yang et al. (2004) gave a scheme of a (t, n) multi-secret sharing based on Lagrange's interpolation. Zhao et al. (2007) gave a scheme of a (t, n) verifiable multi-secret sharing based on Lagrange's interpolation. Recently, Adachi and Okazaki give a scheme of a (t, n) multi-secret sharing based on Hermite interpolation, in the case ofp 〈 t. In this paper, we give a scheme ofa (t, n) verifiable multi-secret sharing based on Hermite interpolation.展开更多
Threshold signature is an important branch of the digital signature scheme,which can distribute signature rights and avoid the abuse of signature rights.With the continuous development of quantum computation and quant...Threshold signature is an important branch of the digital signature scheme,which can distribute signature rights and avoid the abuse of signature rights.With the continuous development of quantum computation and quantum information,quantum threshold signatures are gradually becoming more popular.Recently,a quantum(t,n)threshold group signature scheme was analyzed that uses techniques such as quantum-controlled-not operation and quantum teleportation.However,this scheme cannot resist forgery attack and does not conform to the design of a threshold signature in the signing phase.Based on the original scheme,we propose an improved quantum(t,n)threshold signature scheme using quantum(t,n)threshold secret sharing technology.The analysis proves that the improved scheme can resist forgery attack and collusion attack,and it is undeniable.At the same time,this scheme reduces the level of trust in the arbitrator during the signature phase.展开更多
Shamir proposed a classic polynomial-based secret sharing(SS)scheme,which is also widely applied in secret image sharing(SIS).However,the following researchers paid more attention to the development of properties,such...Shamir proposed a classic polynomial-based secret sharing(SS)scheme,which is also widely applied in secret image sharing(SIS).However,the following researchers paid more attention to the development of properties,such as lossless recovery,rather than the principle of Shamir’s polynomial-based SS scheme.In this paper,we introduce matrix theory to analyze Shamir’s polynomial-based scheme as well as propose a general(k,n)threshold SIS construction based on matrix theory.Besides,it is proved that Shamir’s polynomial-based SS scheme is a special case of our construction method.Both experimental results and analyses are given to demonstrate the effectiveness of the proposed construction method.展开更多
The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme...The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.展开更多
A concept of secret sharing scheme with the function of assignment is proposed. It provides great capabilities for many practical applications. In this scheme, the dealer can randomly assign one or more than one parti...A concept of secret sharing scheme with the function of assignment is proposed. It provides great capabilities for many practical applications. In this scheme, the dealer can randomly assign one or more than one participant to get the secret at any time, but these participants can get nothing about the secret before that moment. At the same time, the other participants cannot get anything about the secret by stealing the secret value when it is transferred. However, if the dealer is lost, a certain number or more partidtmnts of them can reoonstruct the secret by ccoperating. In order to clear this concept, an illustrating scheme with geometry method and a practical scheme with algebra method is given.展开更多
In this paper, by using properties of quantum controlled-not manipulation and entanglement states, we have designed a novel (2, 3) quantum threshold scheme based on the Greenberger- Horne -Zeilinger (GHZ) state. T...In this paper, by using properties of quantum controlled-not manipulation and entanglement states, we have designed a novel (2, 3) quantum threshold scheme based on the Greenberger- Horne -Zeilinger (GHZ) state. The proposed scheme involves two phases, i.e. a secret sharing phase and a secret phase. Detailed proofs show that the proposed scheme is of unconditional security. Since the secret is shared among three participants, the proposed scheme may be applied to quantum key distribution and secret sharing.展开更多
In Shamir’s(t,n) threshold of the secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or mor...In Shamir’s(t,n) threshold of the secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or more than t shares;and (b) the secret cannot be obtained when there are fewer than t shares. In the secret reconstruction, participating users can be either legitimate shareholders or attackers. Shamir’s scheme only considers the situation when all participating users are legitimate shareholders. In this paper, we show that when there are more than t users participating and shares are released asynchronously in the secret reconstruction, an attacker can always release his share last. In such a way, after knowing t valid shares of legitimate shareholders, the attacker can obtain the secret and therefore, can successfully impersonate to be a legitimate shareholder without being detected. We propose a simple modification of Shamir’s scheme to fix this security problem. Threshold cryptography is a research of group-oriented applications based on the secret sharing scheme. We show that a similar security problem also exists in threshold cryptographic applications. We propose a modified scheme to fix this security problem as well.展开更多
文摘To address the problem that existing bipartite secret sharing scheme is short of dynamic characteristic, and to solve the problem that each participant can only use secret share once, this paper proposed a bipartite (n1+n2, m1+m2)-threshold multi-secret sharing scheme which combined cryptography and hypersphere geometry. In this scheme, we introduced a bivariate function and a coordinate function over finite field Zp to calculate the derived points of secret share, which can reconstruct the shared secrets by producing the intersection point of hypernormal plane and normal line on the hypertangent plane. At the initial stage the secret dealer distributes to each participant a secret share that can be kept secret based on the intractability of discrete logarithm problem and need not be changed with updating the shared secrets.Each cooperative participant only needs to submit a derived point calculated from the secret share without exposing this secret share during the process of reconstructing the shared secret. Analyses indicate that the proposed scheme is not only sound and secure because of hypersphere geometric properties and the difficulty of discrete logarithm problem, but also efficient because of its well dynamic behavior and the invariant secret share. Therefore, this bipartite threshold multi-secret sharing scheme is easy to implement and is applicable in practical settings.
基金supported by the National Natural Science Foundation of China(Grant No.12301590)the Natural Science Foundation of Hebei Province(Grant No.A2022210002)。
文摘In the domain of quantum cryptography,the implementation of quantum secret sharing stands as a pivotal element.In this paper,we propose a novel verifiable quantum secret sharing protocol using the d-dimensional product state and Lagrange interpolation techniques.This protocol is initiated by the dealer Alice,who initially prepares a quantum product state,selected from a predefined set of orthogonal product states within the C~d■C~d framework.Subsequently,the participants execute unitary operations on this product state to recover the underlying secret.Furthermore,we subject the protocol to a rigorous security analysis,considering both eavesdropping attacks and potential dishonesty from the participants.Finally,we conduct a comparative analysis of our protocol against existing schemes.Our scheme exhibits economies of scale by exclusively employing quantum product states,thereby realizing significant cost-efficiency advantages.In terms of access structure,we adopt a(t, n)-threshold architecture,a strategic choice that augments the protocol's practicality and suitability for diverse applications.Furthermore,our protocol includes a rigorous integrity verification mechanism to ensure the honesty and reliability of the participants throughout the execution of the protocol.
基金Project supported by the National Basic Research Program of China (973 Program) (Grant No 2007CB311100)the National High Technology Research and Development Program of China (Grant Nos 2006AA01Z419 and 20060101Z4015)+4 种基金the Major Research plan of the National Natural Science Foundation of China (Grant No 90604023)2008 Scientific Research Common Program of Beijing Municipal Commission of Education The Scientific Research Foundation for the Youth of Beijing University of Technology (Grant No 97007016200701)the National Research Foundation for the Doctoral Program of Higher Educationof China (Grant No 20040013007)the National Laboratory for Modern Communications Science Foundation of China (GrantNo 9140C1101010601)the Doctor Scientific Research Activation Foundation of Beijing University of Technology (Grant No 52007016200702)
文摘A multi-proxy quantum group signature scheme with threshold shared verification is proposed. An original signer may authorize a proxy group as his proxy agent. Then only the cooperation of all the signers in the proxy group can generate the proxy signature on behalf of the original signer. In the scheme, any t or more of n receivers can verify the message and any t - 1 or fewer receivers cannot verify the validity of the proxy signature.
基金Project supported by the National Basic Research Program of China (973 Program) (Grant No 2007CB311100)the National High Technology Research and Development Program of China (Grant Nos 2006AA01Z419 and 20060101Z4015)+5 种基金the Major Research plan of the National Natural Science Foundation of China (Grant No 90604023)2008 Scientific Research Common Program of Beijing Municipal Commission of Educationthe Scientific Research Foundation for the Youth of Beijing University of Technology(Grant No 97007016200701)the National Research Foundation for the Doctoral Program of Higher Education of China (Grant No20040013007)the National Laboratory for Modern Communications Science Foundation of China (Grant No 9140C1101010601)the Doctor Scientific Research Activation Foundation of Beijing University of Technology (Grant No 52007016200702)
文摘This paper proposes a circular threshold quantum secret sharing (TQSS) scheme with polarized single photons. A polarized single photon sequence runs circularly among any t or more of n parties and any t or more of n parties can reconstruct the secret key when they collaborate. It shows that entanglement is not necessary for quantum secret sharing. Moreover, the theoretic efficiency is improved to approach 100% as the single photons carrying the secret key are deterministically forwarded among any t or more of n parties, and each photon can carry one bit of information without quantum storage. This protocol is feasible with current technology.
文摘Based on Shamir's secret sharing, a (t, n) multi-secret sharing scheme isproposed in this paper p secrets can be shared among n participants, and t or more participants canco-operate to reconstruct these secrets at the same time, but t— 1 or fewerparticipants can derivenothing about these secrets. Each participant's secret shadow is as short as each secret. Comparedwith the existing schemes, the proposed scheme is characterized by the lower complexity of thesecret reconstruction and less public information. The security of this scheme is the same as thatof Shamir' a threshold scheme. Analyses show that this scheme is an efficient, computationallysecure scheme.
基金Supported by the 973 Project of China(G19990358?04)
文摘Based on Shamir’s threshold secret sharing scheme and the discrete logarithm problem, a new (t, n) threshold secret sharing scheme is proposed in this paper. In this scheme, each participant’s secret shadow is selected by the participant himself, and even the secret dealer cannot gain anything about his secret shadow. All the shadows are as short as the shared secret. Each participant can share many secrets with other partici- pants by holding only one shadow. Without extra equations and information designed for verification, each participant is able to check whether another participant provides the true information or not in the recovery phase. Unlike most of the existing schemes, it is unnecessary to maintain a secure channel between each par- ticipant and the dealer. Therefore, this scheme is very attractive, especially under the circumstances that there is no secure channel between the dealer and each participant at all. The security of this scheme is based on that of Shamir’s threshold scheme and the difficulty in solving the discrete logarithm problem. Analyses show that this scheme is a computationally secure and efficient scheme.
基金Supported by the Natural Science Foundation of Guang-dong Province (04300708)
文摘A proxy multisignature scheme with (t, m) threshold shared verification is first proposed based on elliptic curve. In proposed scheme, a proxy signer can sign a message on behalf of n original signers for specific group of verifiers and only any t or more verifiers together in the specific group of verifiers are able to verify the validity of the proxy multisignature on behalf of the group of specific verifiers, but t-1 or fewer verifiers can not. Since the proposed scheme is constructed based on elliptic curve, it requires smaller bandwidth and achieves more secrecy of data transmission; it is more etffcient for signature and verification etc.
文摘A threshold scheme, which is introduced by Shamir in 1979, is very famous as a secret sharing scheme. We can consider that this scheme is based on Lagrange's interpolation formula. A secret sharing scheme has one key. On the other hand, a multi-secret sharing scheme has more than one key, that is, a multi-secret sharing scheme has p (〉_ 2) keys. Dealer distribute shares of keys among n participants. Gathering t (〈 n) participants, keys can be reconstructed. Yang et al. (2004) gave a scheme of a (t, n) multi-secret sharing based on Lagrange's interpolation. Zhao et al. (2007) gave a scheme of a (t, n) verifiable multi-secret sharing based on Lagrange's interpolation. Recently, Adachi and Okazaki give a scheme of a (t, n) multi-secret sharing based on Hermite interpolation, in the case ofp 〈 t. In this paper, we give a scheme ofa (t, n) verifiable multi-secret sharing based on Hermite interpolation.
基金the National Natural Science Foundation of China(Grant Nos.61771294 and 61972235)。
文摘Threshold signature is an important branch of the digital signature scheme,which can distribute signature rights and avoid the abuse of signature rights.With the continuous development of quantum computation and quantum information,quantum threshold signatures are gradually becoming more popular.Recently,a quantum(t,n)threshold group signature scheme was analyzed that uses techniques such as quantum-controlled-not operation and quantum teleportation.However,this scheme cannot resist forgery attack and does not conform to the design of a threshold signature in the signing phase.Based on the original scheme,we propose an improved quantum(t,n)threshold signature scheme using quantum(t,n)threshold secret sharing technology.The analysis proves that the improved scheme can resist forgery attack and collusion attack,and it is undeniable.At the same time,this scheme reduces the level of trust in the arbitrator during the signature phase.
文摘Shamir proposed a classic polynomial-based secret sharing(SS)scheme,which is also widely applied in secret image sharing(SIS).However,the following researchers paid more attention to the development of properties,such as lossless recovery,rather than the principle of Shamir’s polynomial-based SS scheme.In this paper,we introduce matrix theory to analyze Shamir’s polynomial-based scheme as well as propose a general(k,n)threshold SIS construction based on matrix theory.Besides,it is proved that Shamir’s polynomial-based SS scheme is a special case of our construction method.Both experimental results and analyses are given to demonstrate the effectiveness of the proposed construction method.
文摘The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.
基金This project was supported by Liuhui Applied Mathematics Center of Nankai University .
文摘A concept of secret sharing scheme with the function of assignment is proposed. It provides great capabilities for many practical applications. In this scheme, the dealer can randomly assign one or more than one participant to get the secret at any time, but these participants can get nothing about the secret before that moment. At the same time, the other participants cannot get anything about the secret by stealing the secret value when it is transferred. However, if the dealer is lost, a certain number or more partidtmnts of them can reoonstruct the secret by ccoperating. In order to clear this concept, an illustrating scheme with geometry method and a practical scheme with algebra method is given.
基金Project supported by the National Natural Science Foundation of China (Grant No 60472018).
文摘In this paper, by using properties of quantum controlled-not manipulation and entanglement states, we have designed a novel (2, 3) quantum threshold scheme based on the Greenberger- Horne -Zeilinger (GHZ) state. The proposed scheme involves two phases, i.e. a secret sharing phase and a secret phase. Detailed proofs show that the proposed scheme is of unconditional security. Since the secret is shared among three participants, the proposed scheme may be applied to quantum key distribution and secret sharing.
文摘In Shamir’s(t,n) threshold of the secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or more than t shares;and (b) the secret cannot be obtained when there are fewer than t shares. In the secret reconstruction, participating users can be either legitimate shareholders or attackers. Shamir’s scheme only considers the situation when all participating users are legitimate shareholders. In this paper, we show that when there are more than t users participating and shares are released asynchronously in the secret reconstruction, an attacker can always release his share last. In such a way, after knowing t valid shares of legitimate shareholders, the attacker can obtain the secret and therefore, can successfully impersonate to be a legitimate shareholder without being detected. We propose a simple modification of Shamir’s scheme to fix this security problem. Threshold cryptography is a research of group-oriented applications based on the secret sharing scheme. We show that a similar security problem also exists in threshold cryptographic applications. We propose a modified scheme to fix this security problem as well.
