CN106453285B - A kind of verification method and device that secret data is shared - Google Patents

A kind of verification method and device that secret data is shared Download PDF

Info

Publication number
CN106453285B
CN106453285B CN201610856701.4A CN201610856701A CN106453285B CN 106453285 B CN106453285 B CN 106453285B CN 201610856701 A CN201610856701 A CN 201610856701A CN 106453285 B CN106453285 B CN 106453285B
Authority
CN
China
Prior art keywords
vector
sub
preset quantity
secret
share
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201610856701.4A
Other languages
Chinese (zh)
Other versions
CN106453285A (en
Inventor
吕春利
张博
曾子川
申长虹
刘瑜
马钦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Agricultural University
Original Assignee
China Agricultural University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Agricultural University filed Critical China Agricultural University
Priority to CN201610856701.4A priority Critical patent/CN106453285B/en
Publication of CN106453285A publication Critical patent/CN106453285A/en
Application granted granted Critical
Publication of CN106453285B publication Critical patent/CN106453285B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/067Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses verification methods and device that a kind of secret data is shared, which comprises secret data is expressed as to the secret vector of the first preset quantity block number;The random string vector of the second preset quantity is selected, and determines the shared multinomial of secret vector according to the random string vector;Identity is calculated, the sub- share vector of the third preset quantity of secret vector is calculated according to the shared multinomial and identity;Calculate shared promise to undertakeThe sub- share vector is verified according to the shared promise, determines the correctness of the sub- share vector.The present invention determines the shared multinomial of secret data by random string vector, and the sub- share vector of secret vector is obtained according to shared polynomial computation, and sub- share vector is verified by verifying formula, calculation amount and the traffic are all smaller, and computational efficiency is higher.

Description

A kind of verification method and device that secret data is shared
Technical field
The present invention relates to field of information security technology, and in particular to a kind of verification method and device that secret data is shared.
Background technique
Privacy sharing is the important means of information security and data confidentiality, it is protected in the safety of important information and secret data Deposit, transmit and legal utilization in play key effect.Wherein the scheme of Shamir is the classics in secret sharing scheme, base This thought is that shared secret S is divided into n share secret to be distributed to different participants, meets and is only more than or equal to t service Device joint could reconstruct shared secret, and any information of the secret cannot be arbitrarily obtained less than t server.But Shamir scheme needs to assume two premises: first is that secret distributor is always honest;Second is that the preserver of n share has The status of complete equality and right, and there is identical safety and reliability.The two are assumed in reality often It is difficult to be met, to will lead to privacy sharing, there are safety problems in practical application scene, it may be verified that privacy sharing What concept exactly generated in this context.Since the privacy sharing that can verify that is the base of the secret sharing scheme of active safety Fault-tolerant important tool in plinth and practical application, so the secret sharing scheme that many work can verify that in research again.
One of classical Verified secret sharing scheme is the scheme of Feldman.Feldman scheme is based on Shamir Scheme and dispersed accumulation, to being all condition safety in secret confidentiality and verifiability, and it is simpler and clear. But the secret sharing scheme based on Shamir needs to be calculated in the finite field that a rank is prime number p, and in the side VSS In case, need to find the cyclic group that a rank is prime number q, and q is the prime factor of p-1, will increase promise size, scheme in this way It can be not good enough.The problem is studied in the prior art, but all there are shortcomings: each shared secret need to be expected It calculates, and the certification of sub-secret needs each side to cooperate online, so that calculation amount and the traffic are all very big;Or safety is to be based on The intractability of discrete logarithm, the in order to prevent fraud between participant need to be implemented an interactive indentification protocol, and calculation amount is non- Chang great;Or use multi-secret sharing scheme scheme, but that there are distributors is computationally intensive for the program, it is inefficient the disadvantages of.
Summary of the invention
It is inefficient since that there are calculation amount and the traffics is all very big for the indentification protocol of existing secret data sharing method The problems such as, the present invention proposes a kind of verification method and device that secret data is shared.
In a first aspect, the present invention proposes a kind of verification method that secret data is shared, comprising:
Secret data is divided into the isometric secret vector for being expressed as the first preset quantity block number;
The random string vector of the second preset quantity is selected, and secret data is determined according to the random string vector Shared multinomial;
Identity is calculated, and the third of secret vector is obtained according to the identity and the shared polynomial computation The sub- share vector of preset quantity;
Calculate shared promise to undertake
The sub- share vector is verified according to the shared promise, determines the correctness of the sub- share vector; Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is first preset quantity;T is Positive integer, t-1 are second preset quantity;ri,jFor the component of the random string vector,It is one of cyclic group Generate member;Q be the circulation order of a group, and for can disclose, sufficiently large prime number.
Preferably, further includes:
According to reconstruct expression formula, secret reconstruct is carried out to the sub- share vector of at least the 4th preset quantity, is obtained described secret Ciphertext data.
Preferably, the shared polynomial f (x) are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random character String vector, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data.
Preferably, the sub- share vector of the third preset quantityAre as follows:
Wherein, m is positive integer;P is positive integer, and p-1 indicates first preset quantity;y0, m,…,yP-2, mRespectively institute The daughter element of sub- share vector is stated, n indicates third preset quantity.
Preferably, the reconstruct expression formulaAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formMost A line piecemeal row vector afterwards;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ... λt-1For positive integer, the subscript of the optional t sub- shares from sub- share is indicated;T is positive integer, and t indicates the 4th present count Amount.
Second aspect, the present invention also propose a kind of verifying device that secret data is shared, comprising:
Data division module, for by secret data be divided into it is isometric be expressed as the first preset quantity block number it is secret to Amount;
Multinomial determining module, for selecting the random string vector of the second preset quantity, and according to the random words Symbol string vector determines the shared multinomial of secret data;
Vector calculation module, for calculating identity, and according to the identity and according to the shared multinomial The sub- share vector of the third preset quantity of secret vector is calculated;
Computing module is promised to undertake, for calculating shared promise
Vector authentication module determines the son for verifying according to the shared promise to the sub- share vector The correctness of share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is described first default Quantity;T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,For circulation The generation member of group;Q be the circulation order of a group, and for can disclose, sufficiently large prime number.
Preferably, further includes:
Secret reconstructed module, for being carried out to the sub- share vector of at least the 4th preset quantity secret according to reconstruct expression formula Close reconstruct obtains the secret data.
Preferably, the shared polynomial f (x) in the multinomial determining module are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random character String vector, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data.
Preferably, the sub- share vector of third preset quantity described in the vector calculation moduleAre as follows:
Wherein, m is positive integer;P is positive integer, and p-1 indicates first preset quantity;y0,m,…,yp-2,mRespectively institute The daughter element of sub- share vector is stated, n indicates third preset quantity.
Preferably, expression formula is reconstructed described in the secret reconstructed moduleAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formMost A line piecemeal row vector afterwards;Indicate the sub- share of at least third preset quantity of the 4th preset quantity to Amount;λ0, λ1... ... λt-1For positive integer, the subscript of the optional t sub- shares from sub- share is indicated;T is positive integer, described in t expression 4th preset quantity.
As shown from the above technical solution, the present invention determines the shared multinomial of secret data by random string vector, And the sub- share vector of secret vector is obtained according to shared polynomial computation, and verify to sub- share vector by verifying formula, Calculation amount and the traffic are all smaller, and computational efficiency is higher.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with Other attached drawings are obtained according to these figures.
Fig. 1 is the flow diagram for the verification method that a kind of secret data that one embodiment of the invention provides is shared;
Fig. 2 is renewable (t, n) threshold secret sharing scheme flow chart for the calculating safety that one embodiment of the invention provides;
Fig. 3 is (t, n) threshold secret sharing scheme illustraton of model that one embodiment of the invention provides;
Fig. 4 is the geometric description figure for upper (t, n) threshold secret sharing process of group that one embodiment of the invention provides;
Fig. 5 is the structural schematic diagram for the verifying device that a kind of secret data that one embodiment of the invention provides is shared.
Specific embodiment
With reference to the accompanying drawing, the specific embodiment of invention is further described.Following embodiment is only used for more clear Illustrate to Chu technical solution of the present invention, and not intended to limit the protection scope of the present invention.
The flow diagram for the verification method that a kind of secret data that Fig. 1 shows one embodiment of the invention offer is shared, Include:
S1, secret data is divided into the isometric secret vector for being expressed as the first preset quantity block number;
S2, the random string vector for selecting the second preset quantity, and secret is determined according to the random string vector The shared multinomial of data;
S3, identity is calculated, and secret vector is obtained according to the identity and the shared polynomial computation The sub- share vector of third preset quantity;
S4, shared promise to undertake is calculated
S5, the sub- share vector is verified according to the shared promise, determines the correct of the sub- share vector Property;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is described first default Quantity;T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,For circulation The generation member of group;Q be the circulation order of a group, and for can disclose, sufficiently large prime number.
The present embodiment determines the shared multinomial of secret data by random string vector, and according to shared multinomial meter Calculation obtains the sub- share vector of secret vector, and is verified by verifying formula to sub- share vector, calculation amount and the traffic all compared with It is small, and computational efficiency is higher.
Further, the method also includes:
S6, according to reconstruct expression formula, secret reconstruct is carried out to the sub- share vector of at least the 4th preset quantity, is obtained described Secret data.
Secret reconstruct is carried out by reconstruct expression formula, it being capable of quick correctly Restore Secret data.
Specifically, the shared polynomial f (x) are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random character String vector, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data.
By using multinomial is shared shown in formula one, calculation amount can be reduced, improves computational efficiency.
Further, the sub- share vector of the third preset quantityAre as follows:
Wherein, m is positive integer;P is positive integer, and p-1 indicates first preset quantity;y0,m,…,yp-2,mRespectively institute The daughter element of sub- share vector is stated, n indicates third preset quantity.
It, being capable of the traffic between less banker and member by using sub- share vector shown in formula two.
Further, the reconstruct expression formulaAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formMost A line piecemeal row vector afterwards;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ... λt-1For positive integer, the subscript of the optional t sub- shares from sub- share is indicated;T is positive integer, and t indicates the 4th present count Amount.
Expression formula is reconstructed by using shown in formula three, calculation amount can be reduced.
The shared verification method of secret data provided in this embodiment similar to Feldman scheme, group's Upper threshold is secret Shared to combine with dispersed accumulation, the confidentiality and verifiability for secret information can achieve the safety on calculating Property, and improve computational efficiency, reduce promise size, so that privacy sharing method is more suitable for the data storage of big data quantity On.
For example, it is secret to respectively illustrate renewable (t, n) thresholding provided in this embodiment for calculating safety by Fig. 2 and Fig. 3 Close secret sharing flow chart and (t, n) threshold secret sharing scheme illustraton of model;Assuming that there is banker D need to be in n participant U= {U1,…UnBetween shared secret S only when t or the t above participant join together that shared secret could be restored it is a to be less than t Any combination of participant is all unable to get about secret any information.Concrete scheme is made of 4 sub- agreements: system is initial Change, secret distribution protocol, the indentification protocol of sub- share vector and secret reconstruct agreement.
A1, system initialization
A11, banker define and announce a sufficiently large prime number q, define one that the cyclic group G, g that a rank is q are G Generate member;
A12, a finitely Abelian group is defined Rank is integer0 generates member for it;
A13, it looks for a prime number p (>=n), andRe-define a vector space [0,…0]TTo generate member, scalar operation result thereon is all fallen withinOn.
A2, secret distribution protocol
A21, it is divided into p-1 block for secret S is isometric, is denoted asChoose t-2 random string vectorWherein
A22, banker choose privacy sharing multinomial:
It enablesSub- share vector can be calculated by formula two
Wherein,For participant PmIdentity, and is defined as:0≤m≤p-1
For example, as p=5,
Indicate that above-mentioned privacy sharing process is as follows with matrix form:
Wherein,
For example, with k=3, for n=4, p=5, by above-mentionedAnd Hn×tDefinition H can be obtained4×3It is as follows:
According to the expression matrix of privacy sharing, i.e. formula four, to calculate sub- share vectorFor Example, has:
Therefore, according to the expression matrix of privacy sharing, the geometric description of available scheme, as shown in Figure 4.It is retouched from geometry It states as can be seen that calculating sub- share vectorMathematic(al) representation are as follows:
Wherein 0≤i≤p-2,0≤j≤t-1, ri,t-1=si, rp-1,j=0.
A23, banker secret distribute sub- share vectorTo Um(0≤m≤n-1);
A24, banker make following promise using discrete logarithm, that is, calculate(0≤i≤p-1,0≤j≤ T-1), wherein ri,t-1=si, rp-1,j=0, and it is broadcast to Um(0≤m≤n-1)。
The indentification protocol of A3, sub- share vector
UmReceive sub- share vectorAnd Ai,jAfterwards, sub- share vector can be verified by formula six Correctness:
Wherein, 0≤i≤p-2.
Illustrate the correctness of formula six below:
According to A in the formula five and step A24 of the geometric description of privacy sharingi,jCalculating formula can obtain:
A4, secret reconstruct agreement
As at least t member Uλ(λ ∈ B, and | B | >=t) their sub- share vector is providedAfterwards, using formula (4) into The secret reconstruct of row (here by taking t sub- share vectors as an example):
Wherein,
Vk×kIt is according to t shadow secret vectorFrom Hn×tIt is middle to take out what corresponding t row vector formed Square matrix, wherein
Therefore secret can be reconstructed
Integer mould is added group by the present embodimentOn efficient secret sharing scheme combined with dispersed accumulation, With below the utility model has the advantages that
Based on efficient threshold secret sharing scheme on a population, shared and reduction efficiency can achieve theoretically highest;
Secret vector generating process can be obtained by visual in image geometric expression, thus to can verify that Threshold Secret is total It enjoys scheme and calculating basis is provided;
Confidentiality and verifiability for secret information may be implemented that safety (condition safety) can be calculated;
It promises to undertake having a size of everyOnly need | q | the promise of bitsCompared with the promise ruler of Feldman scheme It is very little small;
Compared to Feldman scheme each element need 1 exponent arithmetic andSecondary multiplying, we The computational efficiency of case is 1 exponent arithmetic and t-1 multiplying, so this scheme is applied to the privacy sharing of big data quantity When, computational efficiency is higher.
Fig. 5 shows a kind of structural schematic diagram described device of the shared verifying device of secret data provided in this embodiment Including data division module 11, multinomial determining module 12, vector calculation module 13 and vector authentication module 14;Wherein,
Data division module 11 be used to for secret data being divided into it is isometric be expressed as the first preset quantity block number it is secret to Amount;
Multinomial determining module 12 is used to select the random string vector of the second preset quantity, and according to the random words Symbol string vector determines the shared multinomial of secret data;
Vector calculation module 13 is used to calculate identity, and according to the identity and the shared polynomial computation Obtain the sub- share vector of the third preset quantity of secret vector;
Computing module 14 is promised to undertake, for calculating shared promise
Vector authentication module 15 is used to verify the sub- share vector according to the shared promise, determines the son The correctness of share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is described first default Quantity;T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,For circulation The generation member of group;Q be the circulation order of a group, and for can disclose, sufficiently large prime number.
Specifically, secret data is divided into the isometric secret for being expressed as the first preset quantity block number by data division module 11 Vector;Multinomial determining module 12 select the second preset quantity random string vector, and according to the random string to Measure the shared multinomial for determining secret data;Vector calculation module 13 obtains secret vector according to the shared polynomial computation Sub- share vector;Promise to undertake that computing module 14 calculates shared promise to undertakeVector authentication module 15 is according to described shared Promise verifies the sub- share vector, determines the correctness of the sub- share vector.
The present embodiment determines the shared multinomial of secret data by random string vector, and according to shared multinomial meter Calculation obtains the sub- share vector of secret vector, and is verified by verifying formula to sub- share vector, calculation amount and the traffic all compared with It is small, and computational efficiency is higher.
Further, described device further include:
Secret reconstructed module 16, for being carried out to the sub- share vector of at least the 4th preset quantity according to reconstruct expression formula Secret reconstruct, obtains the secret data.
Specifically, the shared polynomial f (x) in the multinomial determining module are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random character String vector, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data.
Further, the sub- share vector of third preset quantity described in the vector calculation moduleAre as follows:
Wherein, m is positive integer;P is positive integer, and p-1 indicates first preset quantity;y0,m,…,yp-2,mRespectively institute That states sub- share vector divides vector.
Further, expression formula is reconstructed described in the secret reconstructed moduleAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formMost A line piecemeal row vector afterwards;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ... λt-1For positive integer, the subscript of the optional t sub- shares from sub- share is indicated;T is positive integer, and t indicates the 4th present count Amount.
The shared verifying device of secret data described in the present embodiment can be used for executing above method embodiment, principle Similar with technical effect, details are not described herein again.
In specification of the invention, numerous specific details are set forth.It is to be appreciated, however, that the embodiment of the present invention can be with It practices without these specific details.In some instances, well known method, structure and skill is not been shown in detail Art, so as not to obscure the understanding of this specification.

Claims (6)

1. a kind of shared verification method of secret data characterized by comprising
Secret data is divided into the isometric secret vector for being expressed as the first preset quantity block number;
The random string vector of the second preset quantity is selected, and being total to for secret data is determined according to the random string vector Enjoy multinomial;
Identity is calculated, and default according to the third that the identity and the shared polynomial computation obtain secret vector The sub- share vector of quantity;
Calculate shared promise to undertake
The sub- share vector is verified according to the shared promise, determines the correctness of the sub- share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is first preset quantity; T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,It is the one of cyclic group A generation member;Q is the circulation order of a group, and is ostensible prime number;
The shared polynomial f (x) are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random string to Amount, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data;
The sub- share vector of the third preset quantityAre as follows:
Wherein, m is positive integer, and 0≤m≤n-1;y0,m,…,yp-2,mThe daughter element of the respectively described sub- share vector, n are indicated Third preset quantity.
2. the method according to claim 1, wherein further include:
According to reconstruct expression formula, secret reconstruct is carried out to the sub- share vector of at least the 4th preset quantity, obtains the secret number According to.
3. according to the method described in claim 2, it is characterized in that, the reconstruct expression formulaAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formLast Row piecemeal row vector;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ... λt-1For Positive integer indicates the subscript of the optional t sub- shares from sub- share;T indicates the 4th preset quantity;It indicatesp- 1 is first preset quantity,0≤m≤p-1,
4. a kind of shared verifying device of secret data characterized by comprising
Data division module, for secret data to be divided into the isometric secret vector for being expressed as the first preset quantity block number;
Multinomial determining module, for selecting the random string vector of the second preset quantity, and according to the random string Vector determines the shared multinomial of secret data;
Vector calculation module is obtained for calculating identity, and according to the identity and the shared polynomial computation The sub- share vector of the third preset quantity of secret vector;
Computing module is promised to undertake, for calculating shared promise
Vector authentication module determines the sub- share for verifying according to the shared promise to the sub- share vector The correctness of vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is first preset quantity; T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,It is the one of cyclic group A generation member;Q is the circulation order of a group, and is ostensible prime number;
The shared polynomial f (x) are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random string to Amount, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data;
The sub- share vector of the third preset quantityAre as follows:
Wherein, m is positive integer, and 0≤m≤n-1;y0,m,…,yp-2,mThe daughter element of the respectively described sub- share vector, n are indicated Third preset quantity.
5. device according to claim 4, which is characterized in that further include:
Secret reconstructed module, for carrying out secret weight to the sub- share vector of at least the 4th preset quantity according to reconstruct expression formula Structure obtains the secret data.
6. device according to claim 5, which is characterized in that reconstruct expression formula described in the secret reconstructed moduleAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formLast Row piecemeal row vector;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ... λt-1For Positive integer indicates the subscript of the optional t sub- shares from sub- share;T indicates the 4th preset quantity;It indicatesp- 1 is first preset quantity,0≤m≤p-1,
CN201610856701.4A 2016-09-27 2016-09-27 A kind of verification method and device that secret data is shared Expired - Fee Related CN106453285B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610856701.4A CN106453285B (en) 2016-09-27 2016-09-27 A kind of verification method and device that secret data is shared

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610856701.4A CN106453285B (en) 2016-09-27 2016-09-27 A kind of verification method and device that secret data is shared

Publications (2)

Publication Number Publication Date
CN106453285A CN106453285A (en) 2017-02-22
CN106453285B true CN106453285B (en) 2019-07-23

Family

ID=58170533

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610856701.4A Expired - Fee Related CN106453285B (en) 2016-09-27 2016-09-27 A kind of verification method and device that secret data is shared

Country Status (1)

Country Link
CN (1) CN106453285B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107203487B (en) * 2017-05-24 2020-09-11 东南大学 Security reconfigurable architecture capable of resisting power consumption attack
EP3651141B1 (en) * 2017-07-05 2021-12-08 Nippon Telegraph and Telephone Corporation Secure computing system, secure computing device, secure computing method, program, and recording medium
CN109120398B (en) * 2018-08-03 2021-07-27 河南师范大学 Secret sharing method and device based on block chain system
CN110457936B (en) 2019-07-01 2020-08-14 阿里巴巴集团控股有限公司 Data interaction method and device and electronic equipment
CN110717186B (en) * 2019-09-04 2023-06-23 创新先进技术有限公司 Data processing method and device and electronic equipment
US20220271933A1 (en) * 2021-02-19 2022-08-25 Samsung Electronics Co., Ltd. System and method for device to device secret backup and recovery

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101873212B (en) * 2010-06-09 2012-04-18 中国农业大学 Threshold secret information distributing and restoring devices and method
CN101882992B (en) * 2010-06-21 2012-12-12 中国农业大学 Threshold secret information distribution and recovery method and device
CN102064946A (en) * 2011-01-25 2011-05-18 南京邮电大学 Secret key sharing method based on identity-based encryption
CN104429019B (en) * 2012-07-05 2017-06-20 日本电信电话株式会社 Secret decentralized system, data dispersal device, dispersion data converting apparatus and secret
CN103259650B (en) * 2013-04-25 2015-12-09 河海大学 A kind of rationality many secret sharings method to honest participant's justice
CN105491006B (en) * 2015-11-13 2018-11-13 河南师范大学 Cloud outsourcing key sharing means and method
CN105516340B (en) * 2015-12-30 2018-09-28 中国农业大学 A kind of cloud storage data restorability verification method and system
CN105653983B (en) * 2015-12-30 2018-11-09 中国农业大学 Information distribution, reduction, integrity verification method and device based on cloud storage
CN105406966B (en) * 2015-12-30 2018-11-09 中国农业大学 A kind of distribution of threshold secret information, reduction, integrity verification method and device
CN105450394B (en) * 2015-12-30 2018-12-28 中国农业大学 A kind of share update method and device based on threshold secret sharing

Also Published As

Publication number Publication date
CN106453285A (en) 2017-02-22

Similar Documents

Publication Publication Date Title
CN106453285B (en) A kind of verification method and device that secret data is shared
CN106452745B (en) A kind of verification method and device that secret data is shared
Carpentieri A perfect threshold secret sharing scheme to identify cheaters
EP3195522B1 (en) Generating shares of secret data
CN106549770B (en) SM2 digital signature generation method and system
US11316676B2 (en) Quantum-proof multiparty key exchange system, quantum-proof multiparty terminal device, quantum-proof multiparty key exchange method, program, and recording medium
Schneider et al. GMW vs. Yao? Efficient secure two-party computation with low depth circuits
Wang et al. Online/offline provable data possession
CN106656512B (en) Support the SM2 digital signature generation method and system of threshold cryptography
JP2021515271A (en) Computer-based voting process and system
CN108028751B (en) System, computer-readable medium, and method for mobile proactive secret sharing
CN112380495B (en) Secure multiparty multiplication method and system
US9660813B1 (en) Dynamic privacy management for communications of clients in privacy-preserving groups
CN108418810A (en) Secret sharing method based on Hadamard matrix
CN111046411A (en) Power grid data safe storage method and system
Tadayon et al. Dynamic and verifiable multi‐secret sharing scheme based on Hermite interpolation and bilinear maps
Zhao et al. Fuzzy identity-based dynamic auditing of big data on cloud storage
CN109510709B (en) RSA-based (k, n) threshold signature method and device and electronic equipment
CN113205378A (en) Electric energy transaction system based on block chain
US11329808B2 (en) Secure computation device, secure computation authentication system, secure computation method, and program
KR102070061B1 (en) Batch verification method and apparatus thereof
US11888977B2 (en) Share generating device, share converting device, secure computation system, share generation method, share conversion method, program, and recording medium
Wang et al. Dynamic threshold changeable multi‐policy secret sharing scheme
CN109617674A (en) The cryptographic key distribution method cooperated between multiple key management systems
US9558359B1 (en) Information theoretically secure protocol for mobile proactive secret sharing with near-optimal resilience

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190723