In a secret sharing scheme for a monotone access structure \(\mathcal {A}\) , one can share a secret among a set of parties such that all subsets of parties authorized by \(\mathcal {A}\) can reconstruct the secret while all other subsets learn nothing. However, what if an unauthorized subset of parties collude and offer their shares for sale? Specifically, suppose that the parties pool their shares to create a reconstruction box that reveals the secret upon receiving enough additional shares as input. To deter this behavior, Goyal et al. (CRYPTO’21) introduced the notion of traceable secret sharing (TSS), where it is possible to provably trace reconstruction boxes containing leaked secret shares back to their respective parties. Goyal et al. and subsequent work presented definitions and constructions of TSS for the threshold access structure. In this work, we revisit the notion of TSS.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Traceable Secret Sharing Revisited

  • Vipul Goyal,
  • Abhishek Jain,
  • Aditi Partap

摘要

In a secret sharing scheme for a monotone access structure \(\mathcal {A}\) , one can share a secret among a set of parties such that all subsets of parties authorized by \(\mathcal {A}\) can reconstruct the secret while all other subsets learn nothing. However, what if an unauthorized subset of parties collude and offer their shares for sale? Specifically, suppose that the parties pool their shares to create a reconstruction box that reveals the secret upon receiving enough additional shares as input. To deter this behavior, Goyal et al. (CRYPTO’21) introduced the notion of traceable secret sharing (TSS), where it is possible to provably trace reconstruction boxes containing leaked secret shares back to their respective parties. Goyal et al. and subsequent work presented definitions and constructions of TSS for the threshold access structure. In this work, we revisit the notion of TSS.