How to Share a Secret with Cheaters
This paper demonstrates that Shamir’s scheme (“How to share a secret”, Communications of the ACM, vol. 22, no. 11, November 1979, 612–613) is not secure against cheating. A small modification to his scheme retains the security and efficiency of the original, is secure against cheating, and preserves the property that its security does not depend on any unproven assumptions such as the intractability of computing number-theoretic functions.
- 1.A. Aho, J. Hopcroft, and J. Ullman. The Design and Analysis of Computer Algorithms. Addison-Wesley, 1974.Google Scholar
- 2.B. Chor, S. Goldwasser, S. Micali, and B. Awerbuch. Verifiable secret sharing and achieving simultaneity in the presence of faults. Proc. 26th IEEE Symp. Found. Comp. Sci., pages 383–395, October 1985.Google Scholar
- 3.O. Goldreich, S. Micali, and A. Wigderson. How to prove all NP statements in zero-knowledge and a methodology of cryptographic protocol design. These Proceedings, 1987.Google Scholar
- 4.S. Goldwasser and J. Killian. Almost all primes can be quickly certified. Proc. 18th Annual ACM Symp. Theory Comput., pages 316–329, May 1986.Google Scholar
- 5.S. Goldwasser, S. Micali, and R. Rivest. A ‘paradoxical’ solution to the signature problem. Proc. 25th IEEE Symp. Found. Comp. Sci., pages 441–448, October 1984.Google Scholar
- 6.M. Rabin. Randomized Byzantine generals. Proc. 24th IEEE Symp. Found. Comp. Sci., pages 403–409, November 1983.Google Scholar