How to Verify the Threshold t of Shamirs (t, n)-Threshold Scheme
スポンサーリンク
概要
- 論文の詳細を見る
In the Shamir (t, n)-threshold scheme, the dealer constructs a random polynomial f(x) ∈ GF(p)[x] of degree at most t-1 in which the constant term is the secret K ∈ GF(p). However, if the chosen polynomial f(x) is of degree less than t-1, then a conspiracy of any t-1 participants can reconstruct the secret K;on the other hand, if the degree of f(x) is greater than t-1, then even t participants can not reconstruct the secret K properly. To prevent these from happening, the degree of the polynomial f(x) should be exactly equal to t-1 if the dealer claimed that the threshold of this scheme is t. There also should be some ways for participants to verify whether the threshold is exactly t or not. A few known verifiable threshold schemes provide such ability but the securities of these schemes are based on some cryptographic assumptions. The purpose of this paper is to propose some threshold-verification protocols for the Shamir (t, n)-threshold scheme from the viewpoint of unconditional security.
- 社団法人 情報処理学会の論文
著者
-
Okamoto Eiji
Graduate School Of Systems And Information Engineering University Of Tsukuba
-
TSO RAYLIN
Risk Engineering Major, Graduate School of Systems and Information Engineering, University of Tsukub
-
MIAO YING
Risk Engineering Major, Graduate School of Systems and Information Engineering, University of Tsukub
-
OKAMOTO TAKESHI
Risk Engineering Major, Graduate School of Systems and Information Engineering, University of Tsukub
-
OKAMOTO EIJI
Risk Engineering Major, Graduate School of Systems and Information Engineering, University of Tsukub
-
Tso Raylin
Risk Engineering Major Graduate School Of Systems And Information Engineering University Of Tsukuba
-
Miao Ying
Risk Engineering Major, Graduate School of Systems and Information Engineering, University of Tsukuba
-
Okamoto Takeshi
Risk Engineering Major, Graduate School of Systems and Information Engineering, University of Tsukuba
関連論文
- Sender Authenticated Key Agreements without Random Oracles
- An ID-SP-M4M Scheme and Its Security Analysis(Signatures,Cryptography and Information Security)
- Authorization-Limited Transformation-Free Proxy Cryptosystems and Their Security Analyses(Protocol, Cryptography and Information Security)
- A Share-Correctable Protocol for the Shamir Threshod Scheme and Its Application to Participant Enrollment (特集 多様な社会的責任を担うコンピュータセキュリティ技術)
- How to Verify the Threshold t of Shamir's (t,n)-Threshold Scheme (特集 多様な社会的責任を担うコンピュータセキュリティ技術)
- A Share-Correctable Protocol for the Shamir Threshold Scheme and Its Application to Participant Enrollment
- How to Verify the Threshold t of Shamirs (t, n)-Threshold Scheme
- Sender Authenticated Key Agreements without Random Oracles
- Universal ηT pairing algorithm over arbitrary extension degree (ワイドバンドシステム)
- Universal ηT pairing algorithm over arbitrary extension degree (情報セキュリティ)
- Universal ηT pairing algorithm over arbitrary extension degree (情報理論)
- Anonymous On-Demand Position-based Routing in Mobile Ad-hoc Networks (特集:ユビキタス社会を支えるコンピュータセキュリティ技術)
- How to Verify the Threshold t of Shamir's (t, n)-Threshold Scheme