3 some secret sharing schemes and further studies - dr avishek adhikari
TRANSCRIPT
-
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
1/49
Some Secret Sharing Schemes and Further Studies
Avishek Adhikariwebsite: www.imbic.org/avishek.html
Research Team MembersPartha Sarathi Roy, Angsuman Das,
Ushnish Sarkar, Sabyasachi Dutta
Department of Pure MathematicsUniversity of Calcutta, Kolkata.
TWC 2011Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 1 / 39
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
2/49
Introduction to Secret Sharing What is secret sharing?
What is secret sharing?
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 2 / 39
http://find/http://goback/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
3/49
Introduction to Secret Sharing What is secret sharing?
What is secret sharing?
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 2 / 39
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
4/49
Introduction to Secret Sharing What is secret sharing?
What is secret sharing?
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 2 / 39
http://find/http://goback/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
5/49
Introduction to Secret Sharing What is secret sharing?
What is secret sharing?
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 2 / 39
I d i S Sh i Wh i h i ?
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
6/49
Introduction to Secret Sharing What is secret sharing?
(t,w)threshold scheme
Lettandwbe two positive integers, such thattw.A(t,w)threshold schemeis a method of sharing a
scheme keykamong a set ofwparticipants in such away that anytparticipants can compute the value ofk, but no group of(t 1)participants can do so.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 3 / 39
I t d ti t S t Sh i Wh t i t h i ?
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
7/49
Introduction to Secret Sharing What is secret sharing?
Simple Way!
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 4 / 39
Introduction to Secret Sharing What is secret sharing?
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
8/49
Introduction to Secret Sharing What is secret sharing?
Perfectly Secure (2,2)-SSS
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 5 / 39
Introduction to Secret Sharing Shamirs (t n) threshold scheme
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
9/49
Introduction to Secret Sharing Shamir s (t, n) threshold scheme
Shamirs(k,n)-Secret Sharing Scheme
It takestwo pointsto define astraight line,three pointsto fully define aquadratic,four
pointsto define acubic, and so on.One can fit a unique polynomial of degree(k 1)to any set of kpoints that lie on thepolynomial.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 6 / 39
Introduction to Secret Sharing Shamirs (t n) threshold scheme
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
10/49
Introduction to Secret Sharing Shamir s (t, n) threshold scheme
Shamirs(k,n)-Secret Sharing Scheme
It takestwo pointsto define astraight line,three pointsto fully define aquadratic,four
pointsto define acubic, and so on.One can fit a unique polynomial of degree(k 1)to any set of kpoints that lie on thepolynomial.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 6 / 39
Introduction to Secret Sharing Shamirs (t n) threshold scheme
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
11/49
Introduction to Secret Sharing Shamir s (t, n) threshold scheme
Shamirs (3, 4) threshold scheme
LetP={P1, P2, P3, P4}be a set of 4participants.
The key set,K=Zp, wherep=5 is a prime &p>nKet the secret be 1.
The set of all possible shares,S=Z5.
The dealer constructs a random polynomial
f(x) Z5[x]of degreet 1=3 1= 2, inwhich the constant term is the secret K =1.
f(x) =1 + 2x+ 3x2
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 7 / 39
Introduction to Secret Sharing Shamirs (t, n) threshold scheme
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
12/49
Introduction to Secret Sharing Shamir s (t, n) threshold scheme
Shamirs (3, 4) threshold scheme
Every participantPiobtains a point(xi, yi)on this polynomial,
whereyi=f(xi)and distinctxiZ
p.P1 gets (1,a(1)=6=1),(P2)gets (2,2),P3 gets(3, 4)andP4 gets(4,2).
Recovery of Secret
Suppose a subset B of t=3 participants wants to recollect thesecret.
Let the participantsP1, P2, P3 want to determineK =1.
They know that 1=f(1), 2=f(2)and 4=f(3).
They will assume the form of the secret polynomial asy=f(x) =a0+ a1x+ a2x
2, wherea0, a1 anda2are unknown and
belong to Z.
Thus, these participants can obtain 3 linear equations in the 3
unknowns a0, a1, a2.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 8 / 39
Introduction to Secret Sharing Shamirs (t, n) threshold scheme
http://find/http://goback/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
13/49
g ( , )
Shamirs (t, n) threshold scheme
1 1 1
2
1 2 22
1 3 32
a0a1
a2
=
f(1)f(2)
f(3)
Now, the coefficient matrix Ais the so calledVandermondesmatrix.
detA=
1j
-
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
14/49
g ( )
Shamirs (t, n) threshold scheme
1 1 1
2
1 2 22
1 3 32
a0a1
a2
=
f(1)f(2)
f(3)
Now, the coefficient matrix Ais the so calledVandermondesmatrix.
detA=
1j
-
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
15/49
Example of(2, 2)-VCS
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 10 / 39
Visual Cryptography Shamirs Scheme
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
16/49
Example of(2, 2)-VCS
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 10 / 39
Visual Cryptography Shamirs Scheme
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
17/49
Visual Cryptography
TheVisual cryptographic scheme, introduced byNaorand Shamirin1994, for a setPofnparticipantsis a cryptographic paradigm that enablesa secret image to be split intonshadow images calledshares, where eachparticipant inPreceives oneshare. Certain qualified subsets of participants canvisually" recover the secret image with some loss ofcontrast, but other forbidden sets of participants have
no information about the secret image.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 11 / 39
Visual Cryptography Shamirs Scheme
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
18/49
(2,2)-VCS
For Black pixel
For White pixel
S1 =
0 1
1 0
andS0 =
0 1
0 1
.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 12 / 39
Visual Cryptography Shamirs Scheme
( )
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
19/49
(2,2)-VCS
For Black pixel
For White pixel
S1 =
0 1
1 0
andS0 =
0 1
0 1
.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 12 / 39
Visual Cryptography Shamirs Scheme
(2 2) VCS
http://goforward/http://find/http://goback/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
20/49
(2,2)-VCS
For Black pixel
For White pixel
S1 =
0 1
1 0
andS0 =
0 1
0 1
.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 12 / 39
Visual Cryptography Shamirs Scheme
R l ti t t
http://goforward/http://find/http://goback/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
21/49
Relative contrast
Let us consider a(2,n)-VCS on a setP={1,2, . . . , n}ofnparticipants with basis matricesS0 andS1 and
having pixel expansionm. Then therelative contrast
for the participants corresponding toX,X P, isdenoted byX(m)and is defined as
w(S1X) w(S0X)
m .
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 13 / 39
Visual Cryptography Shamirs Scheme
(2 ) VCS b N d Sh i
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
22/49
(2,n)-VCS by Naor and Shamir
S0 =
1 0 0 0
1 0 0 0
1 0 0 0
1 0 0 0
and S 1 =
1 0 0 0
0 1 0 0
0 0 1 0
0 0 0 1
.
Here therelative contrastfor any two participants is 14and thepixel expansionis 4.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 14 / 39
Visual Cryptography Shamirs Scheme
(2 ) VCS b Sti t l
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
23/49
(2,n)-VCS by Stinson at el
Letv, kandbe positive integers such that
v>k2.a(v, k, )-balanced incomplete block design
(BIBD) is a pair (X,A) such that the followingproperties are satisfied :
1 Xis a set of v elements called points,2 Ais a collection of subsets of Xcalled block,3 each block contains exactly k points,and4 every pair of distinct points is contained in exactly blocks.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 15 / 39
Visual Cryptography Shamirs Scheme
(2 n) VCS by Stinson at el
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
24/49
(2,n)-VCS by Stinson at el
Example of a(v=7,b=7, r=3, k=3, =1)-BIBD:
X ={1,2,3,4, 5,6,7}.
A={{1,2,4}, {2,3,5}, {3,4,6},{4,5,7}, {1,5, 6}, {2, 6,7}, {1,3,7}}.
the incidence matrix is :
1 0 0 0 1 0 11 1 0 0 0 1 00 1 1 0 0 0 1
1 0 1 1 0 0 00 1 0 1 1 0 00 0 1 0 1 1 00 0 0 1 0 1 1
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 16 / 39
Visual Cryptography Shamirs Scheme
Example of a (2 7) VCS using BIBD
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
25/49
Example of a (2,7)-VCS using BIBD
S1 =
1 0 0 0 1 0 11 1 0 0 0 1 00 1 1 0 0 0 11 0 1 1 0 0 0
0 1 0 1 1 0 00 0 1 0 1 1 00 0 0 1 0 1 1
& S0 =
1 1 1 0 0 0 01 1 1 0 0 0 01 1 1 0 0 0 01 1 1 0 0 0 0
1 1 1 0 0 0 01 1 1 0 0 0 01 1 1 0 0 0 0
Here thepixel expansionis 7 and the relative contrast
is 2/7.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 17 / 39
Visual Cryptography Our Proposed Scheme
Example of a (2 6) VCS
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
26/49
Example of a(2,6)-VCS
S1 =
1 1 0 01 0 1 01 0 0 10 1 1 00 1 0 10 0 1 1
andS0 =
1 1 0 01 1 0 01 1 0 01 1 0 01 1 0 01 1 0 0
.
Clearly,pixel expansionis 4 (m=4) and therelative
contrastis either 1
2 or 1
4 .
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 18 / 39
Visual Cryptography Our Proposed Scheme
(2 6) VCS using PBIBD
http://goforward/http://find/http://goback/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
27/49
(2,6)-VCS using PBIBD
Secret image Share 1
Share 2 Share 6
Share 1 + Share 6 Share 1 + Share 2
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 19 / 39
http://goforward/http://find/http://goback/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
28/49
DNA Secret Sharing
Introduction
-
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
29/49
Introduction
Secret Sharing Schemes,
DNA Computing,Mathematics.
Statistics.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 21 / 39
DNA Secret Sharing
Introduction
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
30/49
Introduction
Secret Sharing Schemes,
DNA Computing,Mathematics.
Statistics.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 21 / 39
DNA Secret Sharing
Introduction
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
31/49
Introduction
Secret Sharing Schemes,
DNA Computing,Mathematics.
Statistics.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 21 / 39
DNA Secret Sharing
Introduction
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
32/49
Introduction
Secret Sharing Schemes,
DNA Computing,Mathematics.
Statistics.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 21 / 39
DNA Secret Sharing
Aim of Our Work
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
33/49
Aim of Our Work
Suppose we want to distribute asecret binary stringto a set{P1,P2, . . . ,Pn}ofnparticipants in such a
way that certain designated set of participants canreveal the secret by pulling their shares, but noforbidden set of participants hasany informationabout the secret binary string.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 22 / 39
DNA Secret Sharing
Why DNA?
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
34/49
Why DNA?
The very small size,
The huge storage capacity,Easy to carry or hide,
Made up of A, T, G, C,
Huge parallel computing,Stable as a DNA double
strand,
High longevity,Easy to get synthesizedDNA
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 23 / 39
DNA Secret Sharing
DNA encoding of binary strings
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
35/49
e cod g o b a y st gs
a binary string can be represented as a set of
integers that corresponds the positions where thebits are 1 from left to right.
1011 can be represented as a set {1,3,4},
each integerican be represented in a DNAdouble strand notation as follows
dsi=(GAATT)i.if=1011, the DNA double strand representation
ofis the test tubeT[] ={ds1, ds3, ds4}.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 24 / 39
DNA Secret Sharing
Mixing operation
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
36/49
g p
Take the content of two test
tubes.Mixing can be done bydehydrating the tubecontents (if not already in
solution) and thencombining the fluidstogether into a new tube, bypouring and pumping.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 25 / 39
DNA Secret Sharing
Bio-mathematical operations
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
37/49
p
Booleanoroperation between
two binary stringsif=1011 and=1001,
the binaryorof two strings will
be 1011.T[](T[]) the test tubecorresponding to the binary string
().
pore the contents of the two testtubes to get binaryor.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 26 / 39
DNA Secret Sharing
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
38/49
Automated DNA Sequencing
To read the DNA double strands in the test tubewe need the process called DNA sequencing.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 27 / 39
DNA Secret Sharing Proposed DNA Secret Sharing Scheme
Outlay of our scheme
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
39/49
y
Consider the secret sharing scheme on
P={1,2,3,4}of 4 participants, where0={{1,2}, {2,3}, {2,4}, {1,4}}.
Qual={Y P :XYfor someX0}and
Forb=2
P
\ Qual.let the secret binary string bex=x1x2x3=011.Assume that the DNA encoding, the mixingprocess are public.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 28 / 39
DNA Secret Sharing Proposed DNA Secret Sharing Scheme
Share Distribution
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
40/49
The dealer chooses two Boolean matrices
G0=
0 1 0 10 1 0 1
0 1 0 0
0 0 0 1
andG1=
1 0 1 00 1 1 0
1 0 0 0
0 0 0 1
.
Sincex1=0, the dealer considers the matrixG0and apply a random permutation to the columns of
G0 and produces a matrix M1.
Similarly, forx2 andx3 onG1 to produce matricesM2andM3.Assume that the DNA encoding, the mixingprocess are public.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 29 / 39
DNA Secret Sharing Proposed DNA Secret Sharing Scheme
Share Distribution
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
41/49
LetM=M1||M2||M3.
first row ofM is1=010110101010. Similarly2=010101100110,3=010010001000 and4=000100010001.dealer converts the binary strings to DNArepresentations to get the test tubesT[1] ={ds2, ds4,ds5,ds7,ds9,ds11},T[2] ={ds2, ds4,ds6,ds7,ds10,ds11},T[3] ={ds2, ds4,ds5,ds9},
T[4] ={ds4, ds8,ds12},
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 30 / 39
DNA Secret Sharing Proposed DNA Secret Sharing Scheme
Share Distribution
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
42/49
T[i]is given to the participants Pi,i=1,2, . . . , n
through a secret channel.Also the valuesm=4 andk=3 are given to theparticipants even through an insecure channel.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 31 / 39
DNA Secret Sharing Proposed DNA Secret Sharing Scheme
Decryption by the Qualified participants
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
43/49
LetP1,P2come together.
They use mixing procedure with test tubesT[1]andT[2]to getT[1] T[2] ={ds2,ds4, ds5,ds6,ds7,ds9,ds10,ds11}.
Execute automated DNA sequencing method toread the DNA double strands.With the knowledge of decoding the DNArepresentation to the binary string, the values of
k=3 andm=4, the participantsP1 andP2canconvert the DNA representation to the binarystringy=010111101110.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 32 / 39
DNA Secret Sharing Proposed DNA Secret Sharing Scheme
Decryption by the Qualified participants
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
44/49
Since, the value ofmis known to the participants,
P1 andP2can breakyasy= (0101)(1110)(1110).
Next they will find the value ofwas 3 and thenthey will computez=011, asBW(0101)
-
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
45/49
LetY ={P3,P4}come together.
They use mixing procedure with test tubesT[3]andT[4]to getT[1] T[2] ={ds2, ds4,ds5, ds8,ds9,ds12}.
they will convert the DNA representation to thebinary stringy= (0101)(1001)(1001).Thus looking at those it is not possible to predictwhether they correspond to 0 or 1.
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 34 / 39
Further Studies Secure Multiparty Computation
Secure Multiparty Computation: An Example
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
46/49
Yaos Two Millionaires Problem
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 35 / 39
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
47/49
Further Studies Verifiable Secret Sharing
Questions
-
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
48/49
Questions???
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 37 / 39
Further Studies Verifiable Secret Sharing
http://find/ -
8/13/2019 3 Some Secret Sharing Schemes and Further Studies - Dr Avishek Adhikari
49/49
Avishek Adhikari (University of Calcutta) Secret Sharing Schemes 16.07.11 38 / 39
http://goforward/http://find/http://goback/