Constructions of projective linear codes by the intersection and difference of sets

Projective linear codes are a special class of linear codes whose dual codes have minimum distance at least 3. Projective linear codes with only a few weights are useful in authentication codes, secret sharing schemes, data storage systems and so on. In this paper, two constructions of q-ary linear codes are presented with defining sets given by the intersection and difference of two sets. These constructions produce several families of new projective two-weight or three-weight linear codes. As applications, our projective codes can be used to construct secret sharing schemes with interesting access structures, strongly regular graphs and association schemes with three classes.     

Some hypersurfaces over finite fields,minimal codes and secret sharing schemes

Designs, Codes and Cryptography - Linear error-correcting codes can be used for constructing secret sharing schemes; however, finding in general the access structures of these secret sharing...     

Sharing Multiple Secrets: Models, Schemes and Analysis

A multi-secret sharing scheme is a protocol to share more than one secret among a set of participants, where each secret may have a distinct family of subsets of participants (also called ‘access structure’) that are qualified to recover it. In this paper we use an information-theoretic approach to analyze two different models for multi-secret sharing schemes. The proposed models generalize specific models which have already been considered in the literature. We first analyze the relationships between the security properties of the two models. Afterwards, we show that the security property of a multi-secret sharing scheme does not depend on the particular probability distribution on the sets of secrets. This extends the analogous result for the case of single-secret sharing schemes and implies that the bounds on the size of the information distributed to participants in multi-secret sharing schemes can all be strengthened. For each of the two models considered in this paper, we show lower bounds on the size of the shares distributed to participants. Specifically, for the general case in which the secrets are shared according to a tuple of arbitrary (and possibly different) access structures, we show a combinatorial condition on these structures that is sufficient to require a participant to hold information of size larger than a certain subset of secrets. For specific access structures of particular interest, namely, when all access structures are threshold structures, we show tight bounds on the size of the information distributed to participants.     

A Linear Construction of Secret Sharing Schemes

In this paper, we will generalize the vector space construction due to Brickell. This generalization, introduced by Bertilsson, leads to secret sharing schemes with rational information rates in which the secret can be computed efficiently by each qualified group. A one to one correspondence between the generalized construction and linear block codes is stated, and a matrix characterization of the generalized construction is presented. It turns out that the approach of minimal codewords by Massey is a special case of this construction. For general access structures we present an outline of an algorithm for determining whether a rational number can be realized as information rate by means of the generalized vector space construction. If so, the algorithm produces a secret sharing scheme with this information rate.     

Constructions and Properties of k out of n Visual Secret Sharing Schemes

The idea of visual k out of n secret sharing schemes was introduced in Naor. Explicit constructions for k = 2 and k = n can be found there. For general k out of n schemes bounds have been described.Here, two general k out of n constructions are presented. Their parameters are related to those of maximum size arcs or MDS codes. Further, results on the structure of k out of n schemes, such as bounds on their parameters, are obtained. Finally, the notion of coloured visual secret sharing schemes is introduced and a general construction is given.     

An explication of secret sharing schemes

This paper is an explication of secret sharing schemes, emphasizing combinatorial construction methods. The main problem we consider is the construction of perfect secret sharing schemes, for specified access structures, with the maximum possible information rate.In this paper, we present numerous direct constructions for secret sharing schemes, such as the Shamir threshold scheme, the Boolean circuit construction of Benaloh and Leichter (for general access structures), the vector space construction of Brickell, and the Simmons geometric construction. We discuss the connections between ideal schemes (i.e., those with information rate equal to one) and matroids. We also mention the entropy bounds of Capocelli et al. Then we give a very general construciton, called the decomposition construction, and numerous applications of it. In particular, we study schemes for access structures based on graphs and the many interesting bounds that can be proved; and we determine the exact value of the optimal information rate for all access structures on at most four participants.Research supported by NSERC (Canada) grant A9287.     

Rearrangements of access structures and their realizations in secret sharing schemes

Firstly, the definitions of the secret sharing schemes (SSS), i.e. perfect SSS, statistical SSS and computational SSS are given in an uniform way, then some new schemes for several familiar rearrangements of access structures with respect to the above three types of SSS are constructed from the old schemes. It proves that the new schemes and the old schemes are of the same security. A method of constructing the SSS which realizes the general access structure by rearranging some basic access structures is developed. The results of this paper can be used to key managements and access controls.     

On the Dealer's Randomness Required in Secret Sharing Schemes

In this paper we provide upper and lower bounds on the randomness required by the dealer to set up a secret sharing scheme for infinite classes of access structures. Lower bounds are obtained using entropy arguments. Upper bounds derive from a decomposition construction based on combinatorial designs (in particular, t-(v,k,) designs). We prove a general result on the randomness needed to construct a scheme for the cycle Cn; when n is odd our bound is tight. We study the access structures on at most four participants and the connected graphs on five vertices, obtaining exact values for the randomness for all them. Also, we analyze the number of random bits required to construct anonymous threshold schemes, giving upper bounds. (Informally, anonymous threshold schemes are schemes in which the secret can be reconstructed without knowledge of which participants hold which shares.)     

Hamming weight enumerators of multi-twisted codes with at most two non-zero constituents

In this paper, we explicitly determine Hamming weight enumerators of several classes of multi-twisted codes over finite fields with at most two non-zero constituents, where each non-zero constituent has dimension 1. Among these classes of multi-twisted codes, we further identify two classes of optimal equidistant linear codes that have nice connections with the theory of combinatorial designs and several other classes of minimal linear codes that are useful in constructing secret sharing schemes with nice access structures. We also illustrate our results with some examples.     

Ideal secret sharing schemes whose minimal qualified subsets have at most three participants

One of the main open problems in secret sharing is the characterization of the access structures of ideal secret sharing schemes. Brickell and Davenport proved that every one of these ideal access structures is related in a certain way to a unique matroid. Specifically, they are matroid ports. In addition to the search of general results, this difficult open problem has been studied in previous works for several families of access structures. In this paper we do the same for access structures with rank 3, that is, structures whose minimal qualified subsets have at most three participants. We completely characterize and classify the rank-3 access structures that are matroid ports. We prove that all access structures with rank three that are ports of matroids greater than 3 are ideal. After the results in this paper, the only open problem in the characterization of the ideal access structures with rank three is to characterize the rank-3 matroids that can be represented by an ideal secret sharing scheme. A previous version of this paper appeared in Fifth Conference on Security and Cryptography for Networks, SCN 2006, Lecture Notes in Computer Science 4116 (2006) 201–215.     

On the optimization of bipartite secret sharing schemes

Optimizing the ratio between the maximum length of the shares and the length of the secret value in secret sharing schemes for general access structures is an extremely difficult and long-standing open problem. In this paper, we study it for bipartite access structures, in which the set of participants is divided in two parts, and all participants in each part play an equivalent role. We focus on the search of lower bounds by using a special class of polymatroids that is introduced here, the tripartite ones. We present a method based on linear programming to compute, for every given bipartite access structure, the best lower bound that can be obtained by this combinatorial method. In addition, we obtain some general lower bounds that improve the previously known ones, and we construct optimal secret sharing schemes for a family of bipartite access structures.     

Classification of convolutional codes

Convolutional codes have the structure of an F[z]-module. To study their properties it is desirable to classify them as the points of a certain algebraic variety. By considering the correspondence of submodules and the points of certain quotient schemes, and the inclusion of these as subvarieties of certain Grassmannians, one has a one-to-one correspondence of convolutional codes and the points of these subvarieties. This classification of convolutional codes sheds light on their structure and proves to be helpful to give bounds on their free distance and to define convolutional codes with good parameters.     

Detection of Cheaters in Vector Space Secret Sharing Schemes

A perfect secret sharing scheme is a method of distributing shares of a secret among a set P of participants in such a way that only qualified subsets of P can reconstruct the secret from their shares and non-qualified subsets have absolutely no information on the value of the secret. In a secret sharing scheme, some participants could lie about the value of their shares in order to obtain some illicit benefit. Therefore, the security against cheating is an important issue in the implementation of secret sharing schemes. Two new secret sharing schemes in which cheaters are detected with high probability are presented in this paper. The first one has information rate equal to 1/2 and can be implemented not only in threshold structures, but in a more general family of access structures. We prove that the information rate of this scheme is almost optimal among all schemes with the same security requirements. The second scheme we propose is a threshold scheme in which cheaters are detected with high probability even if they know the secret. The information rate is in this case 1/3 In both schemes, the probability of cheating successfully is a fixed value that is determined by the size of the secret.     

Geometrical contributions to secret sharing theory

Finite geometry has found applications in many different fields and practical environments. We consider one such application, to the theory of secret sharing, where finite projective geometry has proved to be very useful, both as a modelling tool and as a means to establish interesting results. A secret sharing scheme is a means by which some secret data can be shared among a group of entities in such a way that only certain subsets of the entities can jointly compute the secret. Secret sharing schemes are useful for information security protocols, where they can be used to jointly protect cryptographic keys or provide a means of access control. We review the contribution of finite projective geometry to secret sharing theory, highlighting results and techniques where its use has been of particular significance.     

Weight distributions and weight hierarchies of two classes of binary linear codes

Linear codes with a few weights can be applied to communication, consumer electronics and data storage system. In addition, the weight hierarchy of a linear code has many applications such as on the type II wire-tap channel, dealing with t-resilient functions and trellis or branch complexity of linear codes and so on. In this paper, we present a formula for computing the weight hierarchies of linear codes constructed by the generalized method of defining sets. Then, we construct two classes of binary linear codes with a few weights and determine their weight distributions and weight hierarchies completely. Some codes of them can be used in secret sharing schemes.     

Polynomial-time key recovery attack on the Faure–Loidreau scheme based on Gabidulin codes

Encryption schemes based on the rank metric lead to small public key sizes of order of few thousands bytes which represents a very attractive feature compared to Hamming metric-based encryption schemes where public key sizes are of order of hundreds of thousands bytes even with additional structures like the cyclicity. The main tool for building public key encryption schemes in rank metric is the McEliece encryption setting used with the family of Gabidulin codes. Since the original scheme proposed in 1991 by Gabidulin, Paramonov and Tretjakov, many systems have been proposed based on different masking techniques for Gabidulin codes. Nevertheless, over the years most of these systems were attacked essentially by the use of an attack proposed by Overbeck. In 2005 Faure and Loidreau designed a rank-metric encryption scheme which was not in the McEliece setting. The scheme is very efficient, with small public keys of size a few kiloBytes and with security closely related to the linearized polynomial reconstruction problem which corresponds to the decoding problem of Gabidulin codes. The structure of the scheme differs considerably from the classical McEliece setting and until our work, the scheme had never been attacked. We show in this article that for a range of parameters, this scheme is also vulnerable to a polynomial-time attack that recovers the private key by applying Overbeck’s attack on an appropriate public code. As an example we break in a few seconds parameters with 80-bit security claim. Our work also shows that some parameters are not affected by our attack but at the cost of a lost of efficiency for the underlying schemes.     

Security and efficiency data sharing scheme for cloud storage

With the adoption and diffusion of data sharing paradigm in cloud storage, there have been increasing demands and concerns for shared data security. Ciphertext Policy Attribute-Based Encryption (CP-ABE) is becoming a promising cryptographic solution to the security problem of shared data in cloud storage. However due to key escrow, backward security and inefficiency problems, existing CP-ABE schemes cannot be directly applied to cloud storage system. In this paper, an effective and secure access control scheme for shared data is proposed to solve those problems. The proposed scheme refines the security of existing CP-ABE based schemes. Specifically, key escrow and conclusion problem are addressed by dividing key generation center into several distributed semi-trusted parts. Moreover, secrecy revocation algorithm is proposed to address not only back secrecy but efficient problem in existing CP-ABE based scheme. Furthermore, security and performance analyses indicate that the proposed scheme is both secure and efficient for cloud storage.     

Hypergraph decomposition and secret sharing

A secret sharing scheme is a protocol by which a dealer distributes a secret among a set of participants in such a way that only qualified sets of them can reconstruct the value of the secret whereas any non-qualified subset of participants obtain no information at all about the value of the secret. Secret sharing schemes have always played a very important role for cryptographic applications and in the construction of higher level cryptographic primitives and protocols.In this paper we investigate the construction of efficient secret sharing schemes by using a technique called hypergraph decomposition, extending in a non-trivial way the previously studied graph decomposition techniques. A major advantage of hypergraph decomposition is that it applies to any access structure, rather than only structures representable as graphs. As a consequence, the application of this technique allows us to obtain secret sharing schemes for several classes of access structures (such as hyperpaths, hypercycles, hyperstars and acyclic hypergraphs) with improved efficiency over previous results. Specifically, for these access structures, we present secret sharing schemes that achieve optimal information rate. Moreover, with respect to the average information rate, our schemes improve on previously known ones.In the course of the formulation of the hypergraph decomposition technique, we also obtain an elementary characterization of the ideal access structures among the hyperstars, which is of independent interest.     

Two classes of two-weight linear codes

Two-weight linear codes have many wide applications in authentication codes, association schemes, strongly regular graphs, and secret sharing schemes. In this paper, we present two classes of two-weight binary or ternary linear codes. In some cases, they are optimal or almost optimal. They can also be used to construct secret sharing schemes.