International Conference on Cryptology and Network Security

Cryptology and Network Security pp 43-58

Security of Linear Secret-Sharing Schemes Against Mass Surveillance

  • Irene Giacomelli
  • Ruxandra F. Olimid
  • Samuel Ranellucci
Conference paper

DOI: 10.1007/978-3-319-26823-1_4

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9476)
Cite this paper as:
Giacomelli I., Olimid R.F., Ranellucci S. (2015) Security of Linear Secret-Sharing Schemes Against Mass Surveillance. In: Reiter M., Naccache D. (eds) Cryptology and Network Security. Lecture Notes in Computer Science, vol 9476. Springer, Cham


Following the line of work presented recently by Bellare, Paterson and Rogaway, we formalize and investigate the resistance of linear secret-sharing schemes to mass surveillance. This primitive is widely used to design IT systems in the modern computer world, and often it is implemented by a proprietary code that the provider (“big brother") could manipulate to covertly violate the privacy of the users (by implementing Algorithm-Substitution Attacks or ASAs). First, we formalize the security notion that expresses the goal of big brother and prove that for any linear secret-sharing scheme there exists an undetectable subversion of it that efficiently allows surveillance. Second, we formalize the security notion that assures that a sharing scheme is secure against ASAs and construct the first sharing scheme that meets this notion.


Linear secret-sharing Algorithm-substitution attack Mass surveillance Kleptography 

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Irene Giacomelli
    • 1
  • Ruxandra F. Olimid
    • 2
  • Samuel Ranellucci
    • 1
  1. 1.Department of Computer ScienceAarhus UniversityAarhusDenmark
  2. 2.Department of Computer ScienceUniversity of Bucharest, Romania and Applied Cryptography Group, OrangeBucharestRomania

Personalised recommendations