Optimal Threshold Padlock Systems

J. Comput. Secur. Pub Date : 2020-04-23 DOI:10.3233/jcs-210065

Jannik Dreier, J. Dumas, P. Lafourcade, Léo Robert

{"title":"Optimal Threshold Padlock Systems","authors":"Jannik Dreier, J. Dumas, P. Lafourcade, Léo Robert","doi":"10.3233/jcs-210065","DOIUrl":null,"url":null,"abstract":"In 1968, Liu described the problem of securing documents in a shared secret project. In an example, at least six out of eleven participating scientists need to be present to open the lock securing the secret documents. Shamir proposed a mathematical solution to this physical problem in 1979, by designing an efficient k-out-of-n secret sharing scheme based on Lagrange’s interpolation. Liu and Shamir also claimed that the minimal solution using physical locks is clearly impractical and exponential in the number of participants. In this paper we relax some implicit assumptions in their claim and propose an optimal physical solution to the problem of Liu that uses physical padlocks, but the number of padlocks is not greater than the number of participants. Then, we show that no device can do better for k-out-of-n threshold padlock systems as soon as k ⩾ 2 n , which holds true in particular for Liu’s example. More generally, we derive bounds required to implement any threshold system and prove a lower bound of O ( log ( n ) ) padlocks for any threshold larger than 2. For instance we propose an optimal scheme reaching that bound for 2-out-of-n threshold systems and requiring less than 2 log 2 ( n ) padlocks. We also discuss more complex access structures, a wrapping technique, and other sublinear realizations like an algorithm to generate 3-out-of-n systems with 2.5 n padlocks. Finally we give an algorithm building k-out-of-n threshold padlock systems with only O ( log ( n ) k − 1 ) padlocks. Apart from the physical world, our results also show that it is possible to implement secret sharing over small fields.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"J. Comput. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3233/jcs-210065","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In 1968, Liu described the problem of securing documents in a shared secret project. In an example, at least six out of eleven participating scientists need to be present to open the lock securing the secret documents. Shamir proposed a mathematical solution to this physical problem in 1979, by designing an efficient k-out-of-n secret sharing scheme based on Lagrange’s interpolation. Liu and Shamir also claimed that the minimal solution using physical locks is clearly impractical and exponential in the number of participants. In this paper we relax some implicit assumptions in their claim and propose an optimal physical solution to the problem of Liu that uses physical padlocks, but the number of padlocks is not greater than the number of participants. Then, we show that no device can do better for k-out-of-n threshold padlock systems as soon as k ⩾ 2 n , which holds true in particular for Liu’s example. More generally, we derive bounds required to implement any threshold system and prove a lower bound of O ( log ( n ) ) padlocks for any threshold larger than 2. For instance we propose an optimal scheme reaching that bound for 2-out-of-n threshold systems and requiring less than 2 log 2 ( n ) padlocks. We also discuss more complex access structures, a wrapping technique, and other sublinear realizations like an algorithm to generate 3-out-of-n systems with 2.5 n padlocks. Finally we give an algorithm building k-out-of-n threshold padlock systems with only O ( log ( n ) k − 1 ) padlocks. Apart from the physical world, our results also show that it is possible to implement secret sharing over small fields.

查看原文本刊更多论文

最佳阈值挂锁系统

1968年，刘描述了在一个共享的秘密项目中保护文件的问题。例如，11名参与的科学家中至少有6人需要在场才能打开保护秘密文件的锁。Shamir在1979年提出了这个物理问题的数学解决方案，他设计了一个基于拉格朗日插值的高效k-out- n秘密共享方案。Liu和Shamir还声称，使用物理锁的最小解决方案显然是不切实际的，并且参与者的数量呈指数级增长。本文放宽了他们声明中的一些隐含假设，提出了Liu问题的最优物理解，该解使用物理挂锁，但挂锁的数量不大于参与者的数量。然后，我们表明，只要k大于或等于2 n，就没有设备可以为k- of-n阈值锁系统做得更好，这尤其适用于Liu的例子。更一般地说，我们推导了实现任何阈值系统所需的边界，并证明了任何大于2的阈值的O (log (n))个挂锁的下界。例如，我们提出了一个最优方案，达到2-out- n阈值系统的边界，需要少于2 log 2 (n)个挂锁。我们还讨论了更复杂的访问结构、封装技术和其他次线性实现，比如用2.5 n个挂锁生成3 of-n系统的算法。最后给出了一种构造k- of-n门限挂锁系统的算法，该系统只有O (log (n) k−1)个挂锁。除了物理世界之外，我们的结果还表明，在小领域内实现秘密共享是可能的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

J. Comput. Secur.

自引率

0.00%

发文量