A Password-Protected Secret Sharing Based on Kurosawa-Desmedt Hybrid Encryption

Abstract

Needs for secret sharing scheme is increasing as demands for cloud services grow. However, secret sharing scheme possesses a drawback in that unauthorized users who can access storages storing partial information can reconstruct a secret. Password-Protected Secret Sharing (PPSS) was proposed in order to resolve such a drawback. PPSS is a secret sharing scheme that ensures only the owner of the secret who knows correct password to get the original secret by applying password authentication to partial information. The first PPSS was proposed by Bagherzandi et al. in 2011. When a secret is large, their scheme encrypts the secret with symmetric key encryption (SKE) and then encrypts the symmetric key with CPA secure public key encryption (PKE). Because of such combination, it seems difficult to prove strong security (i.e., CCA security) of their scheme at least in the standard model. In this paper, we propose a new PPSS model and scheme which does not use a simple combination of SKE and CPA secure PKE but use Kurosawa-Desmedt hybrid encryption, that is proven to be CCA secure in the standard model. Proposed PPSS is constructed by combining public key part of Kurosawa-Desmedt hybrid encryption with password authentication. Our scheme is expected to be more secure than that of Bagherzandi et al.