• Journal of the China Computer Federation
• Chinese Science and Technology Core Journal
• Chinese Core Journal

Computer Engineering & Science

• Computer Network and Information Security

A dynamically updatable password-authorized multi-secret sharing scheme

WANG Cai-fen1,2, SU Shun-chang1, YANG Xiao-dong1

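  1. (1. School of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, Gansu; 2. Shenzhen Technical University, Shenzhen 518118, Guangdong)
  • Received: 2018-11-22 Revised: 2019-04-08 Online: 2019-09-25 Published: 2019-09-25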

A dynamically updated password authorization multi-secret sharing scheme

WANG Cai-fen1,2, SU Shun-chang1, YANG Xiao-dong1

  1. (1. School of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070; 2. Shenzhen Technical University, Shenzhen 518118, China)
  • Received: 2018-11-22 Revised: 2019-04-08 Online: 2019-09-25 Published: 2019-09-25

Abstract:

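Secret sharing is an important branch of cryptography and plays an important role in many fields, such as key escrow, secure multi-party computation and missile launching. Most existing secret sharing schemes are built on Shamir's (t, n) threshold scheme, whose core idea is that the secret distributor uses a secret polynomial to split the secret s into n shadow secrets and distributes them to the holders, such that any fewer than t shadow secrets yield no information about the master secret. However, traditional schemes have never achieved dynamic updating of the number of secrets or password authorization by the secret owner. Based on the traditional Shamir secret sharing scheme and modular arithmetic over finite fields, a verifiable password-authorized multi-secret sharing scheme is proposed on the basis of the RSA cryptosystem. During secret sharing, the scheme prevents cheating by the distributor and attacks by malicious participants, and achieves dynamic updating of the number of secrets and password authorization by the secret owner, which gives the scheme more practical value.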
 

Key words: secret sharing, RSA cryptosystem, dynamic update, password authorization

Abstract:

As an important branch of cryptography, secret sharing plays an important role in key escrow, secure multi-party computation, missile launching and many other fields. Most existing secret sharing schemes are based on Shamir's (t, n) threshold scheme, whose core idea is that the secret distributor uses a secret polynomial to divide the secret s into n shadow secrets and distributes them to the holders. Any set of fewer than t shadow secrets reveals no information about the main secret. However, traditional schemes cannot realize dynamic update of the number of secrets or password authorization by the secret holder. Based on the traditional Shamir secret sharing scheme, modular arithmetic over finite fields and the RSA cryptosystem, we propose a verifiable password-authorized multi-secret sharing scheme. In the secret sharing process, it prevents cheating by the distributor and attacks by malicious participants, and achieves dynamic update of the number of secrets and password authorization by the secret holder, which makes the scheme more practical.

 

Key words: secret sharing, RSA cryptosystem, dynamic update, password authorization
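
The Shamir (t, n) threshold idea that the abstract builds on, as an added example that is not code from the paper: it covers only the baseline scheme, not the paper's RSA-based verification, password authorization or dynamic update, whose details the abstract does not give. The field prime `P` and all function names are assumptions made for this illustration.

```python
import secrets

P = 2**127 - 1  # assumed field modulus (a Mersenne prime), not taken from the paper

def split(secret, t, n):
    """Distributor: hide `secret` as f(0) of a random degree t-1 polynomial
    and return n shadow secrets (x, f(x)) for x = 1..n."""
    if not (1 <= t <= n < P and 0 <= secret < P):
        raise ValueError("need 1 <= t <= n < P and 0 <= secret < P")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares

def interpolate(points, x0=0):
    """Lagrange interpolation over GF(P): value at x0 of the unique polynomial
    of degree < len(points) through `points` (x0 = 0 recovers the secret)."""
    xs = [x % P for x, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x0 - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def missing_share_for(partial, candidate, x_new):
    """Why t-1 shadow secrets leak nothing: for ANY candidate secret there is
    exactly one share at x_new that makes `partial` reconstruct to it."""
    return (x_new, interpolate([(0, candidate)] + partial, x_new))

if __name__ == "__main__":
    shares = split(123456789, t=3, n=5)        # constructed sample secret
    print(interpolate(shares[:3]))             # any 3 shares recover the secret
    two = shares[:2]                           # only t-1 shares
    for guess in (0, 42, 123456789):           # every guess stays consistent
        print(guess, interpolate(two + [missing_share_for(two, guess, 3)]))
```
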