Abstract by anuja a sonalker on Asymmetric Key Distribution
Download 217.42 Kb. Pdf ko'rish
|
etd
|
3.7 Secret share generation
Secret share generation is an important aspect of the key generation process. The size of each secret key share with respect to the complete key is of prime importance in determining the security and confidence in the key share. Very small key shares can be exposed through brute force attacks. Blakley [27] and Shamir [1] were the first to introduce t-out-of-k secret sharing schemes. In such types of schemes, at least t shares are required to successfully retrieve the secret. The knowledge of t-1 shares does not expose the secret. While these schemes were mainly created as solutions to protecting secrets, other protocols invented by Ito, Saito, Nishizeki [28], Shoup [29], Benaloh and Leichter [30] were created to generate valid signatures and can be used for any arbitrary access structures. An access structure is a specification of all the subsets of participants who can recover the secret and it is said to be monotone if any secret that contains a subset, can itself recover the secret. While Shoup’s scheme possesses reusability and verification, Shamir’s possesses none. Though any of the schemes mentioned above and more, may be used for the purpose of splitting the key into secret shares, we choose to implement a simplified scheme since it suffices for the purpose of validating our scheme. We create a random modulus Z less than the private key d, called the splitting modulus and this modulus is used to create the secret shares. For each shares of each set, we generate a new Z, namely, Z i . These Z i ’s are 27 stored in a moduli history array Z[] to avoid repetition and hence production of identical shares in separate sets. Every Z i is checked against every previous Z i and (d - Z i ) in Z[] and recomputed in case of a match. Each share is computed as d mod Z i . The new remaining chunk of the key, new_d, obtained after each share is created is further recursively split until the required number of shares is created. For every i, Z i is used as long as the required number of shares has not been created and the value of the subsequent key new_d is not less than Z i, in which case, Z i is recomputed and the corresponding set is recreated. For every set, the Trusted Dealer verifies the key shares computed to ensure that they work correctly. They are subsequently stored. Download 217.42 Kb. Do'stlaringiz bilan baham: 
|