Unformatted text preview: to reconstruct the secret. In general, any type of sharing scheme that can be imagined can be implemented. All you have to do is to envision a system of equations that corresponds to the particular scheme. Some excellent papers on generalized secret-sharing schemes are [1462,1463,1464]. Sharing a Secret with Cheaters
This algorithm modifies the standard (m, n)-threshold scheme to detect cheaters . I demonstrate this using the Lagrange scheme, although it works with the others as well. Choose a prime, p, that is both larger than n and larger than (s - 1) (m - 1)/e + m where s is the largest possible secret and e is the probability of successful cheating. You can make e as small as you want; it just makes the computation more complex. Construct your shadows as before, except instead of using 1, 2, 3,..., n for xi, choose random numbers between 1 and p - 1 for xi. Now, when Mallory sneaks into the secret reconstruction meeting with his false share, his share has a high probability of not being possible. An impossible secret is, of course, a fake secret. See  for the math. Unfortunately, while Mallory is exposed as a cheater, he still learns the secret (assuming that there are m other valid shares). Another protocol, from [1529,975], prevents that. The basic idea is to have a series of k secrets, such that none of the participants knows beforehand which is correct. Each secret is larger than the one before, except for the real secret. The participants combine their shadows to generate one secret after the other, until they create a secret that is less than the previous secret. That’s the correct one. This scheme will expose cheaters early, before the secret is generated. There are complications when the participants deliver their shadows one at a time; refer to the papers for details. Other papers on the detection and prevention of cheaters in threshold schemes are [355,114,270]. 23.3 Subliminal Channel Ong-Schnorr-Shamir
This subliminal channel (see Section 4.2), designed by G...
View Full Document
- Fall '10
- Cryptography, Bruce Schneier, Applied Cryptography, EarthWeb, Search Search Tips