Provably Secure Proactive Secret Sharing Without the Adjacent Assumption
In secret sharing (SS), the secret is shared among a number of parties so that only a quorum of these parties can recover the secret, but a smaller set of parties cannot learn any information about the secret. However, the traditional SS technique is insufficient to protect the secret with a long lifetime, because the adversary may gradually compromise enough parties to retrieve the secret over the long time. To solve this issue, proactive secret sharing (PSS) divides the lifetime of the secret into many short time periods and the parties jointly update their secret shares in each time period. The benefit is that if the adversary cannot break into enough parties in a single time period, her compromised shares will become obsolete after the shares being updated.
In the last two decades, many PSS schemes have been proposed and they are widely used in various security protocols. However, the majority of existing PSS schemes require the adjacent assumption, i.e. if a party is corrupted during an update phase, it is corrupted in both time periods adjacent to that update phase. Note that this assumption not only hinders the security model to capture the mobile adversary’s abilities, but also prevents PSS schemes being used in many real-world applications. In this paper, we revisit the research of PSS, and our work contributes in the following aspects. Firstly, we discuss why some existing schemes (including Herzberg’s PSS scheme) cannot maintain their security when the adjacent assumption is removed. Secondly, we use the polynomial truncation method to improve Herzberg’s PSS scheme. To the best of our knowledge, our proposed scheme is the first provably secure PSS scheme without the adjacent assumption.
This work was partially supported by the National Natural Science Foundation of China (Grant No. 61572303, 61772326, 61822202, 61672010, 61702168, 61872087). We are very grateful to the anonymous reviewers for pointing out an error in a previous version of this paper as well as many valuable comments.
- 2.Baron, J., Defrawy, K., Lampkins, J., Ostrovsky, R.: How to withstand mobile virus attacks, revisited. In: ACM Symposium on Principles of Distributed Computing (PODC 2014), pp. 293–302 (2014)Google Scholar
- 3.Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the 20th ACM Symposium on Theory of Computing (STOC 1988), pp. 1–10 (1988)Google Scholar
- 5.Blakley, R.: Safeguarding cryptographic keys. In: Proceedings of the National Computer Conference, vol. 48, pp. 313–317 (1979)Google Scholar
- 6.Cachin, C., Kursawe, K., Lysyanskaya, A., Strobl, R.: Asynchronous verifiable secret sharing and proactive cryptosystems. In: 9th ACM Conference on Computer and Communication Security (CCS 2002), pp. 88–97 (2002)Google Scholar
- 8.Canetti, R., Halevi, S., Herzberg, A.: Maintaining authenticated communication in the presence of break-ins. In: Proceedings of the 16th ACM Symposium on Principles of Distributed Computing (PODC 1997), pp. 15–24 (1997)Google Scholar
- 10.Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols. In: Proceedings of the 20th ACM Symposium on Theory of Computing (STOC 1988), pp. 11–19 (1988)Google Scholar
- 11.Feldman, P.: A practical scheme for non-interactive verifiable secret sharing. In: Proceedings of the 28th IEEE Symposium on Foundation of Computer Science (FOCS 1987), pp. 427–437 (1987)Google Scholar
- 12.Frankel, Y., Gemmell, P., MacKenzie, P., Yung, M.: Optimal-resilience proactive public-key cryptosystems. In: Proceedings of the 38th IEEE Symposium on the Foundations of Computer Science (FOCS 1997), pp. 384–393 (1997)Google Scholar
- 17.Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game, or a completeness theorem for protocols with honest majority. In: Proceedings of the 19th ACM Symposium on Theory of Computing (STOC 1987), pp. 218–229 (1987)Google Scholar
- 18.Hegland, A., Winjum, E., Mjolsnes, S., Rong, C., Kure, O., Spilling, P.: A survey of key management in ad hoc networks. IEEE Commun. 8(3), 48–66 (2006)Google Scholar
- 19.Herzberg, A., Jakobsson, M., Jarecki, S., Krawczyk, H., Yung, M.: Proactive public key and signature systems. In: 4th ACM Conference on Computer and Communication Security (CCS 1997), pp. 100–110 (1997)Google Scholar
- 21.Jarecki, S.: Proactive secret sharing and public key cryptosystems. Master’s thesis, Department of Electrical Engineering and Computer Science, MIT (1995)Google Scholar
- 23.Ostrovsky, R., Yung, M.: How to withstand mobile virus attacks. In: Proceedings of the 10th ACM Symposium on the Principle of Distributed Computing (PODC 1991), pp. 51–61 (1991)Google Scholar
- 26.Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority. In: Proceedings of the 21st ACM Symposium on Theory of Computing (STOC 1989), pp. 73–85 (1989)Google Scholar
- 30.Yung, M.: The “mobile adversary” paradigm in distributed computation and systems. In: ACM Symposium on Principles of Distributed Computing (PODC 2015), pp. 171–172 (2015)Google Scholar