CN106453285A - Method and device for verifying secret data sharing - Google Patents

Method and device for verifying secret data sharing Download PDF

Info

Publication number
CN106453285A
CN106453285A CN201610856701.4A CN201610856701A CN106453285A CN 106453285 A CN106453285 A CN 106453285A CN 201610856701 A CN201610856701 A CN 201610856701A CN 106453285 A CN106453285 A CN 106453285A
Authority
CN
China
Prior art keywords
vector
predetermined number
secret
sub
share
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610856701.4A
Other languages
Chinese (zh)
Other versions
CN106453285B (en
Inventor
吕春利
张博
曾子川
申长虹
刘瑜
马钦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Agricultural University
Original Assignee
China Agricultural University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Agricultural University filed Critical China Agricultural University
Priority to CN201610856701.4A priority Critical patent/CN106453285B/en
Publication of CN106453285A publication Critical patent/CN106453285A/en
Application granted granted Critical
Publication of CN106453285B publication Critical patent/CN106453285B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/067Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a method and a device for verifying secret data sharing. The method comprises the steps of: expressing secret data as a first preset number of secret vectors; selecting a second preset number of random character string vectors, and according to the random character string vectors, determining a sharing polynomial of the secret vectors; calculating an identity identifier, and according to the sharing polynomial and the identity identifier, calculating to obtain a third preset number of sub share vectors of the secret vectors; and calculating a sharing promise (with reference to the specification), verifying the sub share vectors according to the sharing promise, and determining correctness of the sub share vectors. According to the method and the device which are disclosed by the invention, the sharing polynomial of the secret data is determined by the random character string vectors, the sub share vectors of the secret vectors are calculated according to the sharing polynomial, and by a verification formula, the sub share vectors are verified; both a calculated amount and communication traffic are small; and calculation efficiency is relatively high.

Description

Verification method and device that a kind of secret data is shared
Technical field
The present invention relates to field of information security technology and in particular to a kind of secret data share verification method and device.
Background technology
Privacy sharing is the important means of information security data secrecy, and it is protected in the safety of important information and secret data Deposit, transmit and legal using in play pivotal role.Wherein the scheme of Shamir is the classics in secret sharing scheme, its base This thought is shared secret S to be divided into n share secret be distributed to different participants, meets and is only more than or equal to t service Device joint could reconstruct shared secret, and is arbitrarily less than any information that t server can not obtain this secret.But, Shamir scheme needs to assume two premises:One is that secret distributor is always honest;Two is that the preserver of n share has The status of equality and right completely, and there is identical safety and reliability.Often assume in reality for this two It is difficult to be met, thus privacy sharing can be led to there is safety problem in practical application scene it may be verified that privacy sharing Concept exactly produces in this context.Privacy sharing due to can verify that is the base of the secret sharing scheme of active safety Fault-tolerant important tool in plinth and practical application, so be much operated in the secret sharing scheme that research can verify that again.
One of classical Verified secret sharing scheme is the scheme of Feldman.Feldman scheme is based on Shamir Scheme and dispersed accumulation, to being all condition safety in secret confidentiality and verifiability, and simpler and clear. But, the secret sharing scheme based on Shamir needs to be calculated on the finite field for prime number p for the rank, and in VSS side In case, need to find the cyclic group that a rank is prime number q, and q is the prime factor of p-1, so can increase promise size, scheme Can be not good.In prior art, this problem is studied, but all be there are shortcomings:Each shared secret need to be expected Calculate, and the certification of sub-secret needs each side to cooperate online, thus amount of calculation and the traffic are all very big;Or safety is to be based on The intractability of discrete logarithm, in order to prevent the fraud between participant, needs to execute an interactive indentification protocol, amount of calculation is non- Chang great;Or adopt multi-secret sharing scheme scheme, but the program to there is distributor computationally intensive, the shortcomings of inefficient.
Content of the invention
Due to the indentification protocol of existing secret data sharing method, to there is amount of calculation and the traffic all very big, inefficient The problems such as, the present invention proposes verification method and the device that a kind of secret data is shared.
In a first aspect, the present invention proposes the verification method that a kind of secret data is shared, including:
Secret data is divided into the isometric secret vector being expressed as the first predetermined number block number;
Select the random string vector of the second predetermined number, and secret data is determined according to described random string vector Shared multinomial;
Calculate identity, and obtain the 3rd of secret vector the according to described identity and described shared polynomial computation The sub- share vector of predetermined number;
Calculate shared promise
According to described shared promise, described sub- share vector is verified, determine the correctness of described sub- share vector; Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is described first predetermined number;T is Positive integer, t-1 is described second predetermined number;ri,jFor described random string vector component,For cyclic group one Generate unit;Q is described circulation order of a group, and for can disclose, sufficiently large prime number.
Preferably, also include:
According to reconstruct expression formula, secret reconstruct is carried out to the sub- share vector of at least the 4th predetermined number, obtains described secret Ciphertext data.
Preferably, described shared polynomial f (x) is:
Wherein, x represents described shared polynomial independent variable,It is respectively t-1 random character String vector, t is positive integer, and t-1 represents described second predetermined number;Represent described secret data.
Preferably, the sub- share vector of described 3rd predetermined numberFor:
Wherein, m is positive integer;P is positive integer, and p-1 represents described first predetermined number;y0,m,…,yp-2,mIt is respectively institute State the daughter element of sub- share vector, n represents the 3rd predetermined number.
Preferably, described reconstruct expression formulaFor:
Wherein,BottomBlockRowof () expression takes matrix in block form? A line piecemeal row vector afterwards;The sub- share vector of at least the 4th predetermined number described in expression;λ0, λ1... ... λt-1For positive integer, represent the subscript of optional t sub- share from sub- share;T is positive integer, and t represents described 4th present count Amount.
Second aspect, the present invention also proposes the checking device that a kind of secret data is shared, including:
Data division module, for by secret data be divided into the isometric secret being expressed as the first predetermined number block number to Amount;
Multinomial determining module, for selecting the random string vector of the second predetermined number, and according to described random words Symbol string vector determines the shared multinomial of secret data;
Vector calculation module, for calculating identity, and according to described identity with according to described shared multinomial It is calculated the sub- share vector of the 3rd predetermined number of secret vector;
Promise to undertake computing module, for calculating shared promise
Vectorial authentication module, for verifying to described sub- share vector according to described shared promise, determines described son The correctness of share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 presets for described first Quantity;T is positive integer, and t-1 is described second predetermined number;ri,jFor described random string vector component,For circulation One generation unit of group;Q is described circulation order of a group, and for can disclose, sufficiently large prime number.
Preferably, also include:
Secret reconstructed module, for according to reconstruct expression formula, carrying out secret to the sub- share vector of at least the 4th predetermined number Close reconstruct, obtains described secret data.
Preferably, the described shared polynomial f (x) in described multinomial determining module is:
Wherein, x represents described shared polynomial independent variable,It is respectively t-1 random character String vector, t is positive integer, and t-1 represents described second predetermined number;Represent described secret data.
Preferably, the sub- share vector of the 3rd predetermined number described in described vector calculation moduleFor:
Wherein, m is positive integer;P is positive integer, and p-1 represents described first predetermined number;y0,m,…,yp-2,mIt is respectively institute State the daughter element of sub- share vector, n represents the 3rd predetermined number.
Preferably, reconstruct expression formula described in described secret reconstructed moduleFor:
Wherein,BottomBlockRowof () expression takes matrix in block form? A line piecemeal row vector afterwards;The sub- share of the 3rd predetermined number of at least the 4th predetermined number described in expression to Amount;λ0, λ1... ... λt-1For positive integer, represent the subscript of optional t sub- share from sub- share;T is positive integer, and t represents described 4th predetermined number.
As shown from the above technical solution, the present invention determines the shared multinomial of secret data by random string vector, And secret vectorial sub- share vector is obtained according to shared polynomial computation, and verified by verifying formula antithetical phrase share vector, Amount of calculation and the traffic are all less, and computational efficiency is higher.
Brief description
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing Have technology description in required use accompanying drawing be briefly described it should be apparent that, drawings in the following description be only this Some embodiments of invention, for those of ordinary skill in the art, on the premise of not paying creative work, acceptable Other accompanying drawings are obtained according to these figures.
The schematic flow sheet of the verification method that Fig. 1 shares for a kind of secret data that one embodiment of the invention provides;
Renewable (t, n) threshold secret sharing scheme flow chart calculating safety that Fig. 2 provides for one embodiment of the invention;
(t, n) threshold secret sharing scheme illustraton of model that Fig. 3 provides for one embodiment of the invention;
The geometric description figure of upper (t, n) threshold secret sharing process of group that Fig. 4 provides for one embodiment of the invention;
The structural representation of the checking device that Fig. 5 shares for a kind of secret data that one embodiment of the invention provides.
Specific embodiment
Below in conjunction with the accompanying drawings, the specific embodiment of invention is further described.Following examples are only used for more clear Chu's ground explanation technical scheme, and can not be limited the scope of the invention with this.
Fig. 1 shows the schematic flow sheet of the verification method that a kind of secret data that one embodiment of the invention provides is shared, Including:
S1, secret data is divided into the isometric secret vector being expressed as the first predetermined number block number;
S2, the random string vector of selection the second predetermined number, and determined secret according to described random string vector The shared multinomial of data;
S3, calculating identity, and secret vector is obtained according to described identity and described shared polynomial computation The sub- share vector of the 3rd predetermined number;
S4, the shared promise of calculating
S5, according to described shared promise, described sub- share vector is verified, determine the correct of described sub- share vector Property;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 presets for described first Quantity;T is positive integer, and t-1 is described second predetermined number;ri,jFor described random string vector component,For circulation One generation unit of group;Q is described circulation order of a group, and for can disclose, sufficiently large prime number.
The present embodiment determines the shared multinomial of secret data by random string vector, and according to shared multinomial meter Calculate the sub- share vector obtaining secret vector, and by verifying the vector checking of formula antithetical phrase share, amount of calculation and the traffic all relatively Little, and computational efficiency is higher.
Further, methods described also includes:
S6, according to reconstruct expression formula, the sub- share vector of at least the 4th predetermined number is carried out with secret reconstruct, obtains described Secret data.
Carry out secret reconstruct by reconstructing expression formula, being capable of quick correctly Restore Secret data.
Specifically, described shared polynomial f (x) is:
Wherein, x represents described shared polynomial independent variable,It is respectively t-1 random character String vector, t is positive integer, and t-1 represents described second predetermined number;Represent described secret data.
By amount of calculation using the shared multinomial shown in formula one, can be reduced, improve computational efficiency.
Further, the sub- share vector of described 3rd predetermined numberFor:
Wherein, m is positive integer;P is positive integer, and p-1 represents described first predetermined number;y0,m,…,yp-2,mIt is respectively institute State the daughter element of sub- share vector, n represents the 3rd predetermined number.
By using the sub- share vector shown in formula two, being capable of the traffic between less banker and member.
Further, described reconstruct expression formulaFor:
Wherein,BottomBlockRowof () expression takes matrix in block form? A line piecemeal row vector afterwards;The sub- share vector of at least the 4th predetermined number described in expression;λ0, λ1... ... λt-1For positive integer, represent the subscript of optional t sub- share from sub- share;T is positive integer, and t represents described 4th present count Amount.
By using the reconstruct expression formula shown in formula three, amount of calculation can be reduced.
The verification method that the secret data that the present embodiment provides is shared is similar to the scheme of Feldman, and group's Upper threshold is secret Share and combine with dispersed accumulation, the confidentiality for secret information and verifiability can reach the safety in calculating Property, and improve computational efficiency, reduce promise size, make privacy sharing method be more suitable for the data storage of big data quantity On.
For example, Fig. 2 and Fig. 3 respectively illustrate the present embodiment offer calculate safety renewable (t, n) thresholding secret Close secret sharing flow chart and (t, n) threshold secret sharing scheme illustraton of model;Assume have the banker D need to be in n participant U= {U1,…UnBetween shared secret S, only when t or t above participant joins together to recover shared secret, individual less than t Any combinations of participant all cannot obtain with regard to secret any information.Concrete scheme is made up of 4 sub- agreements:System is initial Change, secret distribution protocol, the indentification protocol of sub- share vector and secret reconstruct agreement.
A1, system initialization
A11, banker define and announce a sufficiently large prime number q, define cyclic group G that a rank is q, g is of G Generate unit;
A12, one finitely Abelian group of definitionRank is integer0 generates unit for it;
A13, look for a prime number p (>=n), andRe-define a vector space [0,…0]TFor generating unit, scalar operation result thereon all falls withinOn.
A2, secret distribution protocol
A21, it is divided into p-1 block by isometric for secret S, be designated asChoose t-2 random string vectorWherein
A22, banker choose privacy sharing multinomial:
OrderSub- share vector can be calculated by formula two
Wherein,For participant PmIdentity, and be defined as:0≤m≤p-1
For example, as p=5,
Represent that above-mentioned privacy sharing process is as follows with matrix form:
Wherein,
For example, with k=3, as a example n=4, p=5, by above-mentionedAnd Hn×tDefinition can get H4×3As follows:
According to the expression matrix of privacy sharing, i.e. formula four, to calculate sub- share vectorFor Example, has:
Therefore, the expression matrix according to privacy sharing, can obtain the geometric description of scheme, as shown in Figure 4.Retouch from geometry State as can be seen that calculating sub- share vectorMathematic(al) representation be:
Wherein 0≤i≤p-2,0≤j≤t-1, ri,t-1=si, rp-1,j=0.
The secret distribution of A23, banker sub- share vectorTo Um(0≤m≤n-1);
A24, banker make following promise using discrete logarithm, that is, calculate(0≤i≤p-1,0≤j≤ T-1), wherein ri,t-1=si, rp-1,j=0, and it is broadcast to Um(0≤m≤n-1).
A3, the indentification protocol of sub- share vector
UmReceive sub- share vectorAnd Ai,jAfterwards, sub- share vector can be verified by formula six Correctness:
Wherein, 0≤i≤p-2.
The correctness of formula six is described below:
A in the formula five of the geometric description according to privacy sharing and step A24i,jCalculating formula can obtain:
A4, secret reconstruct agreement
As at least t member Uλ(λ ∈ B, and | B | >=t) provides their sub- share vectorAfterwards, available formula (4) is entered The secret reconstruct of row (here) taking t sub- share vector as a example:
Wherein,
Vk×kIt is according to the secret vector of t shadowFrom Hn×tMiddle take out what corresponding t row vector formed Square formation, wherein
Secret therefore can be reconstructed
Integer mould is added group by the present embodimentOn efficient secret sharing scheme combine with dispersed accumulation, tool There is following beneficial effect:
Based on efficient threshold secret sharing scheme on a population, it is shared and reduction efficiency can reach highest in theory;
Secret vector generating process can be obtained by visual in image geometric expression, thus for can verify that Threshold Secret altogether Scheme of enjoying provides and calculates basis;
Confidentiality for secret information and verifiability can be realized calculating safety (condition safety);
Promise to undertake a size of everyBits only needs the promise of | q | bits, compared with the promise chi of Feldman scheme Very little little;
Compared to each element of Feldman scheme need 1 exponent arithmetic andSecondary multiplying, this programme Computational efficiency be 1 exponent arithmetic and t-1 multiplying, so when this scheme is applied to the privacy sharing of big data quantity, Computational efficiency is higher.
Fig. 5 shows the structural representation described device of the checking device that a kind of secret data that the present embodiment provides is shared Including data division module 11, multinomial determining module 12, vector calculation module 13 and vectorial authentication module 14;Wherein,
Data division module 11 be used for by secret data be divided into the isometric secret being expressed as the first predetermined number block number to Amount;
Multinomial determining module 12 is used for selecting the random string vector of the second predetermined number, and according to described random words Symbol string vector determines the shared multinomial of secret data;
Vector calculation module 13 is used for calculating identity, and according to described identity and described shared polynomial computation Obtain the sub- share vector of the 3rd predetermined number of secret vector;
Promise to undertake computing module 14, for calculating shared promise
Vectorial authentication module 15 is used for according to described shared promise, described sub- share vector being verified, determines described son The correctness of share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 presets for described first Quantity;T is positive integer, and t-1 is described second predetermined number;ri,jFor described random string vector component,For circulation One generation unit of group;Q is described circulation order of a group, and for can disclose, sufficiently large prime number.
Specifically, secret data is divided into the isometric secret being expressed as the first predetermined number block number by data division module 11 Vector;Multinomial determining module 12 select the second predetermined number random string vector, and according to described random string to Amount determines the shared multinomial of secret data;Vector calculation module 13 obtains secret vector according to described shared polynomial computation Sub- share vector;Promise to undertake that computing module 14 calculates shared promiseVectorial authentication module 15 is according to described shared Promise to undertake and described sub- share vector is verified, determine the correctness of described sub- share vector.
The present embodiment determines the shared multinomial of secret data by random string vector, and according to shared multinomial meter Calculate the sub- share vector obtaining secret vector, and by verifying the vector checking of formula antithetical phrase share, amount of calculation and the traffic all relatively Little, and computational efficiency is higher.
Further, described device also includes:
Secret reconstructed module 16, for according to reconstruct expression formula, carrying out to the sub- share vector of at least the 4th predetermined number Secret reconstruct, obtains described secret data.
Specifically, the described shared polynomial f (x) in described multinomial determining module is:
Wherein, x represents described shared polynomial independent variable,It is respectively t-1 random character String vector, t is positive integer, and t-1 represents described second predetermined number;Represent described secret data.
Further, the sub- share vector of the 3rd predetermined number described in described vector calculation moduleFor:
Wherein, m is positive integer;P is positive integer, and p-1 represents described first predetermined number;y0,m,…,yp-2,mIt is respectively institute State point vector of sub- share vector.
Further, reconstruct expression formula described in described secret reconstructed moduleFor:
Wherein,BottomBlockRowof () expression takes matrix in block form? A line piecemeal row vector afterwards;The sub- share vector of at least the 4th predetermined number described in expression;λ0, λ1... ... λt-1For positive integer, represent the subscript of optional t sub- share from sub- share;T is positive integer, and t represents described 4th present count Amount.
The checking device that secret data described in the present embodiment is shared can be used for executing said method embodiment, its principle Similar with technique effect, here is omitted.
In the description of the present invention, illustrate a large amount of details.It is to be appreciated, however, that embodiments of the invention are permissible Put into practice in the case of there is no these details.In some instances, known method, structure and skill are not been shown in detail Art, so as not to obscure the understanding of this description.

Claims (10)

1. the verification method that a kind of secret data is shared is it is characterised in that include:
Secret data is divided into the isometric secret vector being expressed as the first predetermined number block number;
Select the random string vector of the second predetermined number, and being total to of secret data is determined according to described random string vector Enjoy multinomial;
Calculate identity, and obtain the 3rd of secret vector according to described identity and described shared polynomial computation and preset The sub- share vector of quantity;
Calculate shared promise
According to described shared promise, described sub- share vector is verified, determine the correctness of described sub- share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is described first predetermined number; T is positive integer, and t-1 is described second predetermined number;ri,jFor described random string vector component,For cyclic group one Individual generation unit;Q is described circulation order of a group, and for can disclose, sufficiently large prime number.
2. method according to claim 1 is it is characterised in that also include:
According to reconstruct expression formula, secret reconstruct is carried out to the sub- share vector of at least the 4th predetermined number, obtains described secret number According to.
3. method according to claim 1 is it is characterised in that described shared polynomial f (x) is:
Wherein, x represents described shared polynomial independent variable,Be respectively t-1 random string to Amount, t is positive integer, and t-1 represents described second predetermined number;Represent described secret data.
4. method according to claim 3 is it is characterised in that the sub- share of described 3rd predetermined number is vectorialFor:
Wherein, m is positive integer, and 0≤m≤n-1;P is positive integer, and p-1 represents described first predetermined number;y0,m,…,yp-2,m It is respectively the daughter element of described sub- share vector, n represents the 3rd predetermined number.
5. method according to claim 2 is it is characterised in that described reconstruct expression formulaFor:
Wherein,BottomBlockRowof () expression takes matrix in block formLast Row piecemeal row vector;The sub- share vector of at least the 4th predetermined number described in expression;λ0, λ1... ... λt-1For Positive integer, represents the subscript of optional t sub- share from sub- share;T is positive integer, and t represents described 4th predetermined number.
6. the checking device that a kind of secret data is shared is it is characterised in that include:
Data division module, for being divided into the isometric secret vector being expressed as the first predetermined number block number by secret data;
Multinomial determining module, for selecting the random string vector of the second predetermined number, and according to described random string Vector determines the shared multinomial of secret data;
Vector calculation module, for calculating identity, and obtains according to described identity and described shared polynomial computation The sub- share vector of the 3rd predetermined number of secret vector;
Promise to undertake computing module, for calculating shared promise
Vectorial authentication module, for verifying to described sub- share vector according to described shared promise, determines described sub- share The correctness of vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is described first predetermined number; T is positive integer, and t-1 is described second predetermined number;ri,jFor described random string vector component,For cyclic group one Individual generation unit;Q is described circulation order of a group, and for can disclose, sufficiently large prime number.
7. device according to claim 6 is it is characterised in that also include:
Secret reconstructed module, for according to reconstruct expression formula, carrying out secret weight to the sub- share vector of at least the 4th predetermined number Structure, obtains described secret data.
8. device according to claim 6 is it is characterised in that described shared multinomial in described multinomial determining module F (x) is:
Wherein, x represents described shared polynomial independent variable,Be respectively t-1 random string to Amount, t is positive integer, and t-1 represents described second predetermined number;Represent described secret data.
9. device according to claim 8 is it is characterised in that the 3rd predetermined number described in described vector calculation module Sub- share vectorFor:
Wherein, m is positive integer;P is positive integer, and p-1 represents described first predetermined number;y0,m,…,yp-2,mIt is respectively described son The daughter element of share vector, n represents the 3rd predetermined number.
10. device according to claim 7 is it is characterised in that reconstruct expression formula described in described secret reconstructed module For:
Wherein,BottomBlockRowof () expression takes matrix in block formLast Row piecemeal row vector;The sub- share vector of the 3rd predetermined number of at least the 4th predetermined number described in expression; λ0, λ1... ... λt-1For positive integer, represent the subscript of optional t sub- share from sub- share;T is positive integer, and t-1 represents described Second predetermined number.
CN201610856701.4A 2016-09-27 2016-09-27 A kind of verification method and device that secret data is shared Active CN106453285B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610856701.4A CN106453285B (en) 2016-09-27 2016-09-27 A kind of verification method and device that secret data is shared

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610856701.4A CN106453285B (en) 2016-09-27 2016-09-27 A kind of verification method and device that secret data is shared

Publications (2)

Publication Number Publication Date
CN106453285A true CN106453285A (en) 2017-02-22
CN106453285B CN106453285B (en) 2019-07-23

Family

ID=58170533

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610856701.4A Active CN106453285B (en) 2016-09-27 2016-09-27 A kind of verification method and device that secret data is shared

Country Status (1)

Country Link
CN (1) CN106453285B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107203487A (en) * 2017-05-24 2017-09-26 东南大学 A kind of safe reconstruction structure of anti-power consumption attack
CN109120398A (en) * 2018-08-03 2019-01-01 河南师范大学 A kind of privacy sharing method and apparatus based on block catenary system
CN110457936A (en) * 2019-07-01 2019-11-15 阿里巴巴集团控股有限公司 Data interactive method, device and electronic equipment
CN110717186A (en) * 2019-09-04 2020-01-21 阿里巴巴集团控股有限公司 Data processing method and device and electronic equipment
CN110800034A (en) * 2017-07-05 2020-02-14 日本电信电话株式会社 Secret calculation system, secret calculation device, secret calculation method, program, and recording medium
US20220271933A1 (en) * 2021-02-19 2022-08-25 Samsung Electronics Co., Ltd. System and method for device to device secret backup and recovery

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101873212A (en) * 2010-06-09 2010-10-27 中国农业大学 Threshold secret information distributing and restoring devices and method
CN101882992A (en) * 2010-06-21 2010-11-10 中国农业大学 Threshold secret information distribution and recovery method and device
CN102064946A (en) * 2011-01-25 2011-05-18 南京邮电大学 Secret key sharing method based on identity-based encryption
CN103259650A (en) * 2013-04-25 2013-08-21 河海大学 Fair and rational multi-secret sharing method for honest participants
EP2879324A1 (en) * 2012-07-05 2015-06-03 Nippon Telegraph And Telephone Corporation Secret sharing system, data distribution device, distributed data conversion device, secret sharing method, and program
CN105406966A (en) * 2015-12-30 2016-03-16 中国农业大学 Threshold secret information distribution, restoration, integrity verification method and device
CN105450394A (en) * 2015-12-30 2016-03-30 中国农业大学 Share updating method and device based on threshold secret sharing
CN105491006A (en) * 2015-11-13 2016-04-13 河南师范大学 Device and method for sharing cloud outsourcing key
CN105516340A (en) * 2015-12-30 2016-04-20 中国农业大学 Cloud storage data recoverability verification method and system
CN105653983A (en) * 2015-12-30 2016-06-08 中国农业大学 Cloud storage based information distribution, restoration and integrity verification methods and apparatuses

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101873212A (en) * 2010-06-09 2010-10-27 中国农业大学 Threshold secret information distributing and restoring devices and method
CN101882992A (en) * 2010-06-21 2010-11-10 中国农业大学 Threshold secret information distribution and recovery method and device
CN102064946A (en) * 2011-01-25 2011-05-18 南京邮电大学 Secret key sharing method based on identity-based encryption
EP2879324A1 (en) * 2012-07-05 2015-06-03 Nippon Telegraph And Telephone Corporation Secret sharing system, data distribution device, distributed data conversion device, secret sharing method, and program
CN103259650A (en) * 2013-04-25 2013-08-21 河海大学 Fair and rational multi-secret sharing method for honest participants
CN105491006A (en) * 2015-11-13 2016-04-13 河南师范大学 Device and method for sharing cloud outsourcing key
CN105406966A (en) * 2015-12-30 2016-03-16 中国农业大学 Threshold secret information distribution, restoration, integrity verification method and device
CN105450394A (en) * 2015-12-30 2016-03-30 中国农业大学 Share updating method and device based on threshold secret sharing
CN105516340A (en) * 2015-12-30 2016-04-20 中国农业大学 Cloud storage data recoverability verification method and system
CN105653983A (en) * 2015-12-30 2016-06-08 中国农业大学 Cloud storage based information distribution, restoration and integrity verification methods and apparatuses

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
李瑞林: "基于单向散列函数的可验证门限秘密共享技术研究", 《中国优秀硕士论文全文数据库信息科技辑》 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107203487A (en) * 2017-05-24 2017-09-26 东南大学 A kind of safe reconstruction structure of anti-power consumption attack
CN107203487B (en) * 2017-05-24 2020-09-11 东南大学 Security reconfigurable architecture capable of resisting power consumption attack
CN110800034A (en) * 2017-07-05 2020-02-14 日本电信电话株式会社 Secret calculation system, secret calculation device, secret calculation method, program, and recording medium
CN110800034B (en) * 2017-07-05 2023-05-02 日本电信电话株式会社 Secret calculation system, secret calculation device, secret calculation method, program, and recording medium
CN109120398A (en) * 2018-08-03 2019-01-01 河南师范大学 A kind of privacy sharing method and apparatus based on block catenary system
CN109120398B (en) * 2018-08-03 2021-07-27 河南师范大学 Secret sharing method and device based on block chain system
CN110457936A (en) * 2019-07-01 2019-11-15 阿里巴巴集团控股有限公司 Data interactive method, device and electronic equipment
CN110457936B (en) * 2019-07-01 2020-08-14 阿里巴巴集团控股有限公司 Data interaction method and device and electronic equipment
US10873452B1 (en) 2019-07-01 2020-12-22 Advanced New Technologies Co., Ltd. Secret sharing data exchange for generating a data processing model
CN110717186A (en) * 2019-09-04 2020-01-21 阿里巴巴集团控股有限公司 Data processing method and device and electronic equipment
US20220271933A1 (en) * 2021-02-19 2022-08-25 Samsung Electronics Co., Ltd. System and method for device to device secret backup and recovery

Also Published As

Publication number Publication date
CN106453285B (en) 2019-07-23

Similar Documents

Publication Publication Date Title
CN106453285B (en) A kind of verification method and device that secret data is shared
CN106452745B (en) A kind of verification method and device that secret data is shared
Carpentieri A perfect threshold secret sharing scheme to identify cheaters
US11316676B2 (en) Quantum-proof multiparty key exchange system, quantum-proof multiparty terminal device, quantum-proof multiparty key exchange method, program, and recording medium
EP3195522B1 (en) Generating shares of secret data
CN105450394B (en) A kind of share update method and device based on threshold secret sharing
CN103475469A (en) Method and device for achieving SM2 algorithm with combination of CPU and GPU
KR20130143446A (en) Method for authenticating low efficiency device
CN107294696B (en) Method for distributing full homomorphic keys for Leveled
CN112380495B (en) Secure multiparty multiplication method and system
Tian et al. Publicly Verifiable Secret Sharing Schemes Using Bilinear Pairings.
CN108028751B (en) System, computer-readable medium, and method for mobile proactive secret sharing
CN112597542B (en) Aggregation method and device of target asset data, storage medium and electronic device
CN108418810A (en) Secret sharing method based on Hadamard matrix
US9660813B1 (en) Dynamic privacy management for communications of clients in privacy-preserving groups
CN111046411B (en) Power grid data safe storage method and system
Zhao et al. Fuzzy identity-based dynamic auditing of big data on cloud storage
CN117150523A (en) Distributed power negotiation privacy protection method and device and electronic equipment
CN109510709B (en) RSA-based (k, n) threshold signature method and device and electronic equipment
CN113326475B (en) Matrix inversion outsourcing calculation method based on elementary matrix
CN113779615A (en) Safe decentralized diagram federation learning method
CN103078736A (en) Multi-dimensional key generating method
CN107967431A (en) A kind of secret protection skyline querying methods on vertical distribution data set
US9577828B2 (en) Batch verification method and apparatus thereof
CN109981276B (en) National cipher substitution realization method for zk-snark bottom layer bilinear pairs

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant