（t，n）门限秘密共享体制的研究

【作者】 杨彦炯；

【导师】 许春根；

【作者基本信息】 南京理工大学 ， 应用数学， 2008， 硕士

【摘要】 秘密共享是密码协议的重要组成部分,特别是随着计算机及网络技术的快速发展,对重要而敏感信息的保护日益受到社会的高度关注。秘密共享是实现信息安全和数据保密的一个重要手段。自从1979年Shamir和Blakley提出(t,n)门限秘密共享的概念后,许多学者对秘密共享体制进行了深入的研究。秘密共享体制是将共享的秘密分成若干部分(称为子秘密)分别给予若干参与者掌管,并规定哪些参与者联合可重构秘密,哪些参与者联合不能得到关于秘密的任何信息。本文首先介绍了秘密共享的发展现状,研究了一些典型的秘密共享方案,分析了现有的秘密共享方案在实际应用中的不足。秘密共享方案要想在实际中得以运用,必须要有很好的安全性和执行效率,针对这一问题,本文将可验证秘密共享和动态秘密共享作为研究重点。并取得了以下成果:(1)基于Shamir的门限方案,提出了一种可验证秘密共享方案,相对于传统的可验证方案,此方案更加灵活实用,需要公布的信息明显少于传统方案,执行效率比较高,并且有较高的安全性。(2)对于门限方案的成员加入问题,构造了一种可以有成员加入的公开可验证秘密共享方案。(3)对Amir Herzberg的动态秘密共享方案进行了改进,使其在特定的条件下有更好的灵活性。并对Asmuth-bloom门限方案进行了研究,构造了一种基于Asmuth-bloom方案的动态门限方案,使其子秘密可以定期更新。更多还原

【Abstract】 The secret sharing is an important part of the cryptography protocol. As the rapid development of computer networks, the society pay more and more attention on the confidential information. Secret Sharing is one of the important way to save securely important information and data. Since Blakley and Shamir respectively proposed threshold secret sharing scheme in 1979, the research on this field attracts people’s abroad attention. The researches on threshold secret sharing scheme are made widely and deeply by many scholars.The normal secret sharing scheme is that the shared secret is firstly divided into several parts(secret shadow)and then given the participants,only the qualified class of participants can recover the secret, any other class of participants can’t obtain any information about the shared secret.In this paper, the concept of secret sharing and its broadcast are introduced, Then it discusses some typical schemes on the threshold secret sharing scheme, and analyses the shortcomings of these scheme in applications .In practice, the security and the efficiency are important restriction factors. To solve these problems, we choose the verifiable secret sharing(VSS)and dynamic secret sharing as our priority research areas.Main contributions of this paper are as follows:(1) Based on Shamir’scheme, we propose a verifiable secret sharing scheme. Compares with traditional scheme,this scheme is more flexible and practical.The number of values published by Dealer is much less than traditional scheme,and the security is much better.(2) To solve the problem of new member expansion in threshold schemes, we give a publicly verifiable protocol for member expansion.(3) We present a threshold dynamic secret sharing scheme to improve Herzberg’s dynamic scheme ,this scheme have a better flexibility under the specific condition.Then, we analyze Asmuth-bloom’threshold scheme,and propose a dynamic threshold scheme.In this scheme,we can update the old secret shadow with new secret shadow periodically.更多还原