Improving the security of asymmetric secret sharing scheme and its new applications
Keiichi Iwamura, Ahmad Akmal Aminuddin Mohd Kamal
Journal of Information Security and Applications, volume 93, Article 104098 (JCR Q2, Computer Science, Information Systems; impact factor 3.8)
Published: 2025-06-12
DOI: 10.1016/j.jisa.2025.104098
URL: https://www.sciencedirect.com/science/article/pii/S2214212625001358
Citations: 0
Abstract
In conventional (k, n) threshold secret sharing, secret information or input can be recovered by collecting k shares from n servers, regardless of the honesty of the player. However, in asymmetric secret sharing, the input remains unrecoverable even if the attacker collects all shares from all data servers. Asymmetric secret sharing provides an asymmetric structure in which only an honest/authorized player can regain the input by combining shares from the data servers with pseudorandom numbers that are generated by the authorized player to complete the required k shares. Nevertheless, the asymmetric secret sharing scheme does not rely on information-theoretic security but rather on computational security. In this study, we first demonstrate the vulnerability of the conventional computationally secure asymmetric secret sharing scheme by presenting possible attacks on the scheme. We then show that by introducing true random numbers, an asymmetric secret sharing scheme with information-theoretic security can be achieved under certain conditions. We also identify and provide a detailed discussion of the conditions required to achieve information-theoretic security. However, the required conditions result in a reduction in storage efficiency on the server. We implemented our proposed method and evaluated its efficiency under these conditions, and showed that the execution time remains within the acceptable range and has a minimal effect on practical use. Moreover, we show that the proposed method can realize new applications that are not possible with conventional secret sharing schemes, such as secure data management that does not leak secret information even if the entire dataset in the cloud containing the shares is compromised, and communication, including IoT communication.
About the journal:
Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.