Abstract by anuja a sonalker on Asymmetric Key Distribution


Download 217.42 Kb.
Pdf ko'rish
bet21/43
Sana19.04.2023
Hajmi217.42 Kb.
#1365410
1   ...   17   18   19   20   21   22   23   24   ...   43
Bog'liq
etd

3.7 Secret share generation 
Secret share generation is an important aspect of the key generation process. The size of 
each secret key share with respect to the complete key is of prime importance in 
determining the security and confidence in the key share. Very small key shares can be 
exposed through brute force attacks. Blakley [27] and Shamir [1] were the first to 
introduce t-out-of-k secret sharing schemes. In such types of schemes, at least t shares are 
required to successfully retrieve the secret. The knowledge of t-1 shares does not expose 
the secret. While these schemes were mainly created as solutions to protecting secrets, 
other protocols invented by Ito, Saito, Nishizeki [28], Shoup [29], Benaloh and Leichter 
[30] were created to generate valid signatures and can be used for any arbitrary access 
structures. An access structure is a specification of all the subsets of participants who can 
recover the secret and it is said to be monotone if any secret that contains a subset, can 
itself recover the secret. While Shoup’s scheme possesses reusability and verification, 
Shamir’s possesses none.
Though any of the schemes mentioned above and more, may be used for the purpose of 
splitting the key into secret shares, we choose to implement a simplified scheme since it 
suffices for the purpose of validating our scheme. We create a random modulus Z less 
than the private key d, called the splitting modulus and this modulus is used to create the 
secret shares. For each shares of each set, we generate a new Z, namely, Z
i
. These Z
i
’s are 


27 
stored in a moduli history array Z[] to avoid repetition and hence production of identical 
shares in separate sets. Every Z

is checked against every previous Z
i
and (d - Z
i
) in Z[] 
and recomputed in case of a match. Each share is computed as d mod Z
i
. The new 
remaining chunk of the key, new_d, obtained after each share is created is further 
recursively split until the required number of shares is created. For every i, Z

is used as 
long as the required number of shares has not been created and the value of the 
subsequent key new_d is not less than Z
i, 
in which case, Z

is recomputed and the 
corresponding set is recreated. For every set, the Trusted Dealer verifies the key shares 
computed to ensure that they work correctly. They are subsequently stored. 
Download 217.42 Kb.

Do'stlaringiz bilan baham:
1   ...   17   18   19   20   21   22   23   24   ...   43




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2024
ma'muriyatiga murojaat qiling