Advertisement

The Detection of Cheaters in Threshold Schemes

  • E. F. Brickell
  • D. R. Stinson
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 403)

Abstract

Informally, a (t, w)-threshold scheme is a way of distributing partial information (shadows) to w participants, so that any t of them can easily calculate a key (or secret), but no subset of fewer than t participants can determine the key. In this paper, we present an unconditionally secure threshold scheme in which any cheating participant can be detected and identified with high probability by any honest participant, even if the cheater is in coalition with other participants. We also give a construction that will detect with high probability a dealer who distributes inconsistent shadows (shares) to the honest participants. Our scheme is not perfect; a set of t − 1 participants can rule out at most \( 1 + \left( {\begin{array}{*{20}c} {w - t + 1} \\ {t - 1} \\ \end{array} } \right) \) possible keys, given the information they have. In our scheme, the key will be an element of GF(q) for some prime power q. Hence, q can be chosen large enough so that the amount of information obtained by any t − 1 participants is negligible.

References

  1. 1.
    Josh Cohen Benaloh, Secret sharing homomorphisms: keeping shares of a secret secret, Advances in Cryptology — CRYPTO 86 Proceedings, pp. 251–260, Lecture Notes in Computer Science, vol. 263, Springer-Verlag, Berlin, 1987.CrossRefGoogle Scholar
  2. 2.
    G. R. Blakley, Safeguarding cryptographic keys, Proc. N. C. C., vol. 48, AFIPS Conference Proceedings 48 (1979), 313–317.Google Scholar
  3. 3.
    David Chaum, personal communication.Google Scholar
  4. 4.
    David Chaum, Claude Crepeau and Ivan Damgard, Multiparty unconditionally secure protocols, to appear in Proceedings of the 20th ACM Symposium on the Theory of Computing, 1988.Google Scholar
  5. 5.
    B. Chor, S. Goldwasser, S. Micali and B. Awerbuch, Verifiable secret sharing and achieving simultaneity in the presence of faults, Proc. 26th IEEE Symp. on Foundations of Computer Science, 1985, 383–395.Google Scholar
  6. 6.
    R. J. McEliece and D. V. Sarwate, On sharing secrets and Reed-Soloman codes, Comm. of the ACM 24 (1981), 583–584.CrossRefMathSciNetGoogle Scholar
  7. 7.
    A. Shamir, How to share a secret, Comm. of the ACM 22, (1979), 612–613.CrossRefzbMATHMathSciNetGoogle Scholar
  8. 8.
    G. Simmons, An introduction to shared secret schemes and their applications, Sandia Report SAND88-2298, 1988.Google Scholar
  9. 9.
    M. Tompa and H. Woll, How to share a secret with cheaters, J. of Cryptology 1 (1988), 133–138CrossRefzbMATHMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1990

Authors and Affiliations

  • E. F. Brickell
    • 1
  • D. R. Stinson
    • 2
  1. 1.Sandia National LaboratoriesAlbuquerque
  2. 2.Department of Computer ScienceUniversity of ManitobaWinnipegCanada

Personalised recommendations