CN106453285B - A kind of verification method and device that secret data is shared - Google Patents
A kind of verification method and device that secret data is shared Download PDFInfo
- Publication number
- CN106453285B CN106453285B CN201610856701.4A CN201610856701A CN106453285B CN 106453285 B CN106453285 B CN 106453285B CN 201610856701 A CN201610856701 A CN 201610856701A CN 106453285 B CN106453285 B CN 106453285B
- Authority
- CN
- China
- Prior art keywords
- vector
- sub
- preset quantity
- secret
- share
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 21
- 238000012795 verification Methods 0.000 title claims abstract description 10
- 239000013598 vector Substances 0.000 claims abstract description 138
- 238000004364 calculation method Methods 0.000 claims abstract description 18
- 239000011159 matrix material Substances 0.000 claims description 10
- 125000004122 cyclic group Chemical group 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000009825 accumulation Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000013500 data storage Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/067—Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses verification methods and device that a kind of secret data is shared, which comprises secret data is expressed as to the secret vector of the first preset quantity block number;The random string vector of the second preset quantity is selected, and determines the shared multinomial of secret vector according to the random string vector;Identity is calculated, the sub- share vector of the third preset quantity of secret vector is calculated according to the shared multinomial and identity;Calculate shared promise to undertakeThe sub- share vector is verified according to the shared promise, determines the correctness of the sub- share vector.The present invention determines the shared multinomial of secret data by random string vector, and the sub- share vector of secret vector is obtained according to shared polynomial computation, and sub- share vector is verified by verifying formula, calculation amount and the traffic are all smaller, and computational efficiency is higher.
Description
Technical field
The present invention relates to field of information security technology, and in particular to a kind of verification method and device that secret data is shared.
Background technique
Privacy sharing is the important means of information security and data confidentiality, it is protected in the safety of important information and secret data
Deposit, transmit and legal utilization in play key effect.Wherein the scheme of Shamir is the classics in secret sharing scheme, base
This thought is that shared secret S is divided into n share secret to be distributed to different participants, meets and is only more than or equal to t service
Device joint could reconstruct shared secret, and any information of the secret cannot be arbitrarily obtained less than t server.But
Shamir scheme needs to assume two premises: first is that secret distributor is always honest;Second is that the preserver of n share has
The status of complete equality and right, and there is identical safety and reliability.The two are assumed in reality often
It is difficult to be met, to will lead to privacy sharing, there are safety problems in practical application scene, it may be verified that privacy sharing
What concept exactly generated in this context.Since the privacy sharing that can verify that is the base of the secret sharing scheme of active safety
Fault-tolerant important tool in plinth and practical application, so the secret sharing scheme that many work can verify that in research again.
One of classical Verified secret sharing scheme is the scheme of Feldman.Feldman scheme is based on Shamir
Scheme and dispersed accumulation, to being all condition safety in secret confidentiality and verifiability, and it is simpler and clear.
But the secret sharing scheme based on Shamir needs to be calculated in the finite field that a rank is prime number p, and in the side VSS
In case, need to find the cyclic group that a rank is prime number q, and q is the prime factor of p-1, will increase promise size, scheme in this way
It can be not good enough.The problem is studied in the prior art, but all there are shortcomings: each shared secret need to be expected
It calculates, and the certification of sub-secret needs each side to cooperate online, so that calculation amount and the traffic are all very big;Or safety is to be based on
The intractability of discrete logarithm, the in order to prevent fraud between participant need to be implemented an interactive indentification protocol, and calculation amount is non-
Chang great;Or use multi-secret sharing scheme scheme, but that there are distributors is computationally intensive for the program, it is inefficient the disadvantages of.
Summary of the invention
It is inefficient since that there are calculation amount and the traffics is all very big for the indentification protocol of existing secret data sharing method
The problems such as, the present invention proposes a kind of verification method and device that secret data is shared.
In a first aspect, the present invention proposes a kind of verification method that secret data is shared, comprising:
Secret data is divided into the isometric secret vector for being expressed as the first preset quantity block number;
The random string vector of the second preset quantity is selected, and secret data is determined according to the random string vector
Shared multinomial;
Identity is calculated, and the third of secret vector is obtained according to the identity and the shared polynomial computation
The sub- share vector of preset quantity;
Calculate shared promise to undertake
The sub- share vector is verified according to the shared promise, determines the correctness of the sub- share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is first preset quantity;T is
Positive integer, t-1 are second preset quantity;ri,jFor the component of the random string vector,It is one of cyclic group
Generate member;Q be the circulation order of a group, and for can disclose, sufficiently large prime number.
Preferably, further includes:
According to reconstruct expression formula, secret reconstruct is carried out to the sub- share vector of at least the 4th preset quantity, is obtained described secret
Ciphertext data.
Preferably, the shared polynomial f (x) are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random character
String vector, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data.
Preferably, the sub- share vector of the third preset quantityAre as follows:
Wherein, m is positive integer;P is positive integer, and p-1 indicates first preset quantity;y0, m,…,yP-2, mRespectively institute
The daughter element of sub- share vector is stated, n indicates third preset quantity.
Preferably, the reconstruct expression formulaAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formMost
A line piecemeal row vector afterwards;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ...
λt-1For positive integer, the subscript of the optional t sub- shares from sub- share is indicated;T is positive integer, and t indicates the 4th present count
Amount.
Second aspect, the present invention also propose a kind of verifying device that secret data is shared, comprising:
Data division module, for by secret data be divided into it is isometric be expressed as the first preset quantity block number it is secret to
Amount;
Multinomial determining module, for selecting the random string vector of the second preset quantity, and according to the random words
Symbol string vector determines the shared multinomial of secret data;
Vector calculation module, for calculating identity, and according to the identity and according to the shared multinomial
The sub- share vector of the third preset quantity of secret vector is calculated;
Computing module is promised to undertake, for calculating shared promise
Vector authentication module determines the son for verifying according to the shared promise to the sub- share vector
The correctness of share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is described first default
Quantity;T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,For circulation
The generation member of group;Q be the circulation order of a group, and for can disclose, sufficiently large prime number.
Preferably, further includes:
Secret reconstructed module, for being carried out to the sub- share vector of at least the 4th preset quantity secret according to reconstruct expression formula
Close reconstruct obtains the secret data.
Preferably, the shared polynomial f (x) in the multinomial determining module are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random character
String vector, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data.
Preferably, the sub- share vector of third preset quantity described in the vector calculation moduleAre as follows:
Wherein, m is positive integer;P is positive integer, and p-1 indicates first preset quantity;y0,m,…,yp-2,mRespectively institute
The daughter element of sub- share vector is stated, n indicates third preset quantity.
Preferably, expression formula is reconstructed described in the secret reconstructed moduleAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formMost
A line piecemeal row vector afterwards;Indicate the sub- share of at least third preset quantity of the 4th preset quantity to
Amount;λ0, λ1... ... λt-1For positive integer, the subscript of the optional t sub- shares from sub- share is indicated;T is positive integer, described in t expression
4th preset quantity.
As shown from the above technical solution, the present invention determines the shared multinomial of secret data by random string vector,
And the sub- share vector of secret vector is obtained according to shared polynomial computation, and verify to sub- share vector by verifying formula,
Calculation amount and the traffic are all smaller, and computational efficiency is higher.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
Other attached drawings are obtained according to these figures.
Fig. 1 is the flow diagram for the verification method that a kind of secret data that one embodiment of the invention provides is shared;
Fig. 2 is renewable (t, n) threshold secret sharing scheme flow chart for the calculating safety that one embodiment of the invention provides;
Fig. 3 is (t, n) threshold secret sharing scheme illustraton of model that one embodiment of the invention provides;
Fig. 4 is the geometric description figure for upper (t, n) threshold secret sharing process of group that one embodiment of the invention provides;
Fig. 5 is the structural schematic diagram for the verifying device that a kind of secret data that one embodiment of the invention provides is shared.
Specific embodiment
With reference to the accompanying drawing, the specific embodiment of invention is further described.Following embodiment is only used for more clear
Illustrate to Chu technical solution of the present invention, and not intended to limit the protection scope of the present invention.
The flow diagram for the verification method that a kind of secret data that Fig. 1 shows one embodiment of the invention offer is shared,
Include:
S1, secret data is divided into the isometric secret vector for being expressed as the first preset quantity block number;
S2, the random string vector for selecting the second preset quantity, and secret is determined according to the random string vector
The shared multinomial of data;
S3, identity is calculated, and secret vector is obtained according to the identity and the shared polynomial computation
The sub- share vector of third preset quantity;
S4, shared promise to undertake is calculated
S5, the sub- share vector is verified according to the shared promise, determines the correct of the sub- share vector
Property;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is described first default
Quantity;T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,For circulation
The generation member of group;Q be the circulation order of a group, and for can disclose, sufficiently large prime number.
The present embodiment determines the shared multinomial of secret data by random string vector, and according to shared multinomial meter
Calculation obtains the sub- share vector of secret vector, and is verified by verifying formula to sub- share vector, calculation amount and the traffic all compared with
It is small, and computational efficiency is higher.
Further, the method also includes:
S6, according to reconstruct expression formula, secret reconstruct is carried out to the sub- share vector of at least the 4th preset quantity, is obtained described
Secret data.
Secret reconstruct is carried out by reconstruct expression formula, it being capable of quick correctly Restore Secret data.
Specifically, the shared polynomial f (x) are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random character
String vector, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data.
By using multinomial is shared shown in formula one, calculation amount can be reduced, improves computational efficiency.
Further, the sub- share vector of the third preset quantityAre as follows:
Wherein, m is positive integer;P is positive integer, and p-1 indicates first preset quantity;y0,m,…,yp-2,mRespectively institute
The daughter element of sub- share vector is stated, n indicates third preset quantity.
It, being capable of the traffic between less banker and member by using sub- share vector shown in formula two.
Further, the reconstruct expression formulaAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formMost
A line piecemeal row vector afterwards;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ...
λt-1For positive integer, the subscript of the optional t sub- shares from sub- share is indicated;T is positive integer, and t indicates the 4th present count
Amount.
Expression formula is reconstructed by using shown in formula three, calculation amount can be reduced.
The shared verification method of secret data provided in this embodiment similar to Feldman scheme, group's Upper threshold is secret
Shared to combine with dispersed accumulation, the confidentiality and verifiability for secret information can achieve the safety on calculating
Property, and improve computational efficiency, reduce promise size, so that privacy sharing method is more suitable for the data storage of big data quantity
On.
For example, it is secret to respectively illustrate renewable (t, n) thresholding provided in this embodiment for calculating safety by Fig. 2 and Fig. 3
Close secret sharing flow chart and (t, n) threshold secret sharing scheme illustraton of model;Assuming that there is banker D need to be in n participant U=
{U1,…UnBetween shared secret S only when t or the t above participant join together that shared secret could be restored it is a to be less than t
Any combination of participant is all unable to get about secret any information.Concrete scheme is made of 4 sub- agreements: system is initial
Change, secret distribution protocol, the indentification protocol of sub- share vector and secret reconstruct agreement.
A1, system initialization
A11, banker define and announce a sufficiently large prime number q, define one that the cyclic group G, g that a rank is q are G
Generate member;
A12, a finitely Abelian group is defined Rank is integer0 generates member for it;
A13, it looks for a prime number p (>=n), andRe-define a vector space
[0,…0]TTo generate member, scalar operation result thereon is all fallen withinOn.
A2, secret distribution protocol
A21, it is divided into p-1 block for secret S is isometric, is denoted asChoose t-2 random string vectorWherein
A22, banker choose privacy sharing multinomial:
It enablesSub- share vector can be calculated by formula two
Wherein,For participant PmIdentity, and is defined as:0≤m≤p-1
For example, as p=5,
Indicate that above-mentioned privacy sharing process is as follows with matrix form:
Wherein,
For example, with k=3, for n=4, p=5, by above-mentionedAnd Hn×tDefinition H can be obtained4×3It is as follows:
According to the expression matrix of privacy sharing, i.e. formula four, to calculate sub- share vectorFor
Example, has:
Therefore, according to the expression matrix of privacy sharing, the geometric description of available scheme, as shown in Figure 4.It is retouched from geometry
It states as can be seen that calculating sub- share vectorMathematic(al) representation are as follows:
Wherein 0≤i≤p-2,0≤j≤t-1, ri,t-1=si, rp-1,j=0.
A23, banker secret distribute sub- share vectorTo Um(0≤m≤n-1);
A24, banker make following promise using discrete logarithm, that is, calculate(0≤i≤p-1,0≤j≤
T-1), wherein ri,t-1=si, rp-1,j=0, and it is broadcast to Um(0≤m≤n-1)。
The indentification protocol of A3, sub- share vector
UmReceive sub- share vectorAnd Ai,jAfterwards, sub- share vector can be verified by formula six
Correctness:
Wherein, 0≤i≤p-2.
Illustrate the correctness of formula six below:
According to A in the formula five and step A24 of the geometric description of privacy sharingi,jCalculating formula can obtain:
A4, secret reconstruct agreement
As at least t member Uλ(λ ∈ B, and | B | >=t) their sub- share vector is providedAfterwards, using formula (4) into
The secret reconstruct of row (here by taking t sub- share vectors as an example):
Wherein,
Vk×kIt is according to t shadow secret vectorFrom Hn×tIt is middle to take out what corresponding t row vector formed
Square matrix, wherein
Therefore secret can be reconstructed
Integer mould is added group by the present embodimentOn efficient secret sharing scheme combined with dispersed accumulation,
With below the utility model has the advantages that
Based on efficient threshold secret sharing scheme on a population, shared and reduction efficiency can achieve theoretically highest;
Secret vector generating process can be obtained by visual in image geometric expression, thus to can verify that Threshold Secret is total
It enjoys scheme and calculating basis is provided;
Confidentiality and verifiability for secret information may be implemented that safety (condition safety) can be calculated;
It promises to undertake having a size of everyOnly need | q | the promise of bitsCompared with the promise ruler of Feldman scheme
It is very little small;
Compared to Feldman scheme each element need 1 exponent arithmetic andSecondary multiplying, we
The computational efficiency of case is 1 exponent arithmetic and t-1 multiplying, so this scheme is applied to the privacy sharing of big data quantity
When, computational efficiency is higher.
Fig. 5 shows a kind of structural schematic diagram described device of the shared verifying device of secret data provided in this embodiment
Including data division module 11, multinomial determining module 12, vector calculation module 13 and vector authentication module 14;Wherein,
Data division module 11 be used to for secret data being divided into it is isometric be expressed as the first preset quantity block number it is secret to
Amount;
Multinomial determining module 12 is used to select the random string vector of the second preset quantity, and according to the random words
Symbol string vector determines the shared multinomial of secret data;
Vector calculation module 13 is used to calculate identity, and according to the identity and the shared polynomial computation
Obtain the sub- share vector of the third preset quantity of secret vector;
Computing module 14 is promised to undertake, for calculating shared promise
Vector authentication module 15 is used to verify the sub- share vector according to the shared promise, determines the son
The correctness of share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is described first default
Quantity;T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,For circulation
The generation member of group;Q be the circulation order of a group, and for can disclose, sufficiently large prime number.
Specifically, secret data is divided into the isometric secret for being expressed as the first preset quantity block number by data division module 11
Vector;Multinomial determining module 12 select the second preset quantity random string vector, and according to the random string to
Measure the shared multinomial for determining secret data;Vector calculation module 13 obtains secret vector according to the shared polynomial computation
Sub- share vector;Promise to undertake that computing module 14 calculates shared promise to undertakeVector authentication module 15 is according to described shared
Promise verifies the sub- share vector, determines the correctness of the sub- share vector.
The present embodiment determines the shared multinomial of secret data by random string vector, and according to shared multinomial meter
Calculation obtains the sub- share vector of secret vector, and is verified by verifying formula to sub- share vector, calculation amount and the traffic all compared with
It is small, and computational efficiency is higher.
Further, described device further include:
Secret reconstructed module 16, for being carried out to the sub- share vector of at least the 4th preset quantity according to reconstruct expression formula
Secret reconstruct, obtains the secret data.
Specifically, the shared polynomial f (x) in the multinomial determining module are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random character
String vector, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data.
Further, the sub- share vector of third preset quantity described in the vector calculation moduleAre as follows:
Wherein, m is positive integer;P is positive integer, and p-1 indicates first preset quantity;y0,m,…,yp-2,mRespectively institute
That states sub- share vector divides vector.
Further, expression formula is reconstructed described in the secret reconstructed moduleAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formMost
A line piecemeal row vector afterwards;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ...
λt-1For positive integer, the subscript of the optional t sub- shares from sub- share is indicated;T is positive integer, and t indicates the 4th present count
Amount.
The shared verifying device of secret data described in the present embodiment can be used for executing above method embodiment, principle
Similar with technical effect, details are not described herein again.
In specification of the invention, numerous specific details are set forth.It is to be appreciated, however, that the embodiment of the present invention can be with
It practices without these specific details.In some instances, well known method, structure and skill is not been shown in detail
Art, so as not to obscure the understanding of this specification.
Claims (6)
1. a kind of shared verification method of secret data characterized by comprising
Secret data is divided into the isometric secret vector for being expressed as the first preset quantity block number;
The random string vector of the second preset quantity is selected, and being total to for secret data is determined according to the random string vector
Enjoy multinomial;
Identity is calculated, and default according to the third that the identity and the shared polynomial computation obtain secret vector
The sub- share vector of quantity;
Calculate shared promise to undertake
The sub- share vector is verified according to the shared promise, determines the correctness of the sub- share vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is first preset quantity;
T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,It is the one of cyclic group
A generation member;Q is the circulation order of a group, and is ostensible prime number;
The shared polynomial f (x) are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random string to
Amount, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data;
The sub- share vector of the third preset quantityAre as follows:
Wherein, m is positive integer, and 0≤m≤n-1;y0,m,…,yp-2,mThe daughter element of the respectively described sub- share vector, n are indicated
Third preset quantity.
2. the method according to claim 1, wherein further include:
According to reconstruct expression formula, secret reconstruct is carried out to the sub- share vector of at least the 4th preset quantity, obtains the secret number
According to.
3. according to the method described in claim 2, it is characterized in that, the reconstruct expression formulaAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formLast
Row piecemeal row vector;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ... λt-1For
Positive integer indicates the subscript of the optional t sub- shares from sub- share;T indicates the 4th preset quantity;It indicatesp-
1 is first preset quantity,0≤m≤p-1,
4. a kind of shared verifying device of secret data characterized by comprising
Data division module, for secret data to be divided into the isometric secret vector for being expressed as the first preset quantity block number;
Multinomial determining module, for selecting the random string vector of the second preset quantity, and according to the random string
Vector determines the shared multinomial of secret data;
Vector calculation module is obtained for calculating identity, and according to the identity and the shared polynomial computation
The sub- share vector of the third preset quantity of secret vector;
Computing module is promised to undertake, for calculating shared promise
Vector authentication module determines the sub- share for verifying according to the shared promise to the sub- share vector
The correctness of vector;
Wherein, i, j are nonnegative integer, (0≤i≤p-1,0≤j≤t-1);P is positive integer, and p-1 is first preset quantity;
T is positive integer, and t-1 is second preset quantity;ri,jFor the component of the random string vector,It is the one of cyclic group
A generation member;Q is the circulation order of a group, and is ostensible prime number;
The shared polynomial f (x) are as follows:
Wherein, x expression is described shares polynomial independent variable,Respectively t-1 random string to
Amount, t are positive integer, and t-1 indicates second preset quantity;Indicate the secret data;
The sub- share vector of the third preset quantityAre as follows:
Wherein, m is positive integer, and 0≤m≤n-1;y0,m,…,yp-2,mThe daughter element of the respectively described sub- share vector, n are indicated
Third preset quantity.
5. device according to claim 4, which is characterized in that further include:
Secret reconstructed module, for carrying out secret weight to the sub- share vector of at least the 4th preset quantity according to reconstruct expression formula
Structure obtains the secret data.
6. device according to claim 5, which is characterized in that reconstruct expression formula described in the secret reconstructed moduleAre as follows:
Wherein,BottomBlockRowof () expression takes matrix in block formLast
Row piecemeal row vector;Indicate the sub- share vector of at least the 4th preset quantity;λ0, λ1... ... λt-1For
Positive integer indicates the subscript of the optional t sub- shares from sub- share;T indicates the 4th preset quantity;It indicatesp-
1 is first preset quantity,0≤m≤p-1,
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610856701.4A CN106453285B (en) | 2016-09-27 | 2016-09-27 | A kind of verification method and device that secret data is shared |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610856701.4A CN106453285B (en) | 2016-09-27 | 2016-09-27 | A kind of verification method and device that secret data is shared |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106453285A CN106453285A (en) | 2017-02-22 |
CN106453285B true CN106453285B (en) | 2019-07-23 |
Family
ID=58170533
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610856701.4A Expired - Fee Related CN106453285B (en) | 2016-09-27 | 2016-09-27 | A kind of verification method and device that secret data is shared |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106453285B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107203487B (en) * | 2017-05-24 | 2020-09-11 | 东南大学 | Security reconfigurable architecture capable of resisting power consumption attack |
EP3651141B1 (en) * | 2017-07-05 | 2021-12-08 | Nippon Telegraph and Telephone Corporation | Secure computing system, secure computing device, secure computing method, program, and recording medium |
CN109120398B (en) * | 2018-08-03 | 2021-07-27 | 河南师范大学 | Secret sharing method and device based on block chain system |
CN110457936B (en) | 2019-07-01 | 2020-08-14 | 阿里巴巴集团控股有限公司 | Data interaction method and device and electronic equipment |
CN110717186B (en) * | 2019-09-04 | 2023-06-23 | 创新先进技术有限公司 | Data processing method and device and electronic equipment |
US20220271933A1 (en) * | 2021-02-19 | 2022-08-25 | Samsung Electronics Co., Ltd. | System and method for device to device secret backup and recovery |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101873212B (en) * | 2010-06-09 | 2012-04-18 | 中国农业大学 | Threshold secret information distributing and restoring devices and method |
CN101882992B (en) * | 2010-06-21 | 2012-12-12 | 中国农业大学 | Threshold secret information distribution and recovery method and device |
CN102064946A (en) * | 2011-01-25 | 2011-05-18 | 南京邮电大学 | Secret key sharing method based on identity-based encryption |
CN104429019B (en) * | 2012-07-05 | 2017-06-20 | 日本电信电话株式会社 | Secret decentralized system, data dispersal device, dispersion data converting apparatus and secret |
CN103259650B (en) * | 2013-04-25 | 2015-12-09 | 河海大学 | A kind of rationality many secret sharings method to honest participant's justice |
CN105491006B (en) * | 2015-11-13 | 2018-11-13 | 河南师范大学 | Cloud outsourcing key sharing means and method |
CN105516340B (en) * | 2015-12-30 | 2018-09-28 | 中国农业大学 | A kind of cloud storage data restorability verification method and system |
CN105653983B (en) * | 2015-12-30 | 2018-11-09 | 中国农业大学 | Information distribution, reduction, integrity verification method and device based on cloud storage |
CN105406966B (en) * | 2015-12-30 | 2018-11-09 | 中国农业大学 | A kind of distribution of threshold secret information, reduction, integrity verification method and device |
CN105450394B (en) * | 2015-12-30 | 2018-12-28 | 中国农业大学 | A kind of share update method and device based on threshold secret sharing |
-
2016
- 2016-09-27 CN CN201610856701.4A patent/CN106453285B/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
CN106453285A (en) | 2017-02-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106453285B (en) | A kind of verification method and device that secret data is shared | |
CN106452745B (en) | A kind of verification method and device that secret data is shared | |
Carpentieri | A perfect threshold secret sharing scheme to identify cheaters | |
EP3195522B1 (en) | Generating shares of secret data | |
CN106549770B (en) | SM2 digital signature generation method and system | |
US11316676B2 (en) | Quantum-proof multiparty key exchange system, quantum-proof multiparty terminal device, quantum-proof multiparty key exchange method, program, and recording medium | |
Schneider et al. | GMW vs. Yao? Efficient secure two-party computation with low depth circuits | |
Wang et al. | Online/offline provable data possession | |
CN106656512B (en) | Support the SM2 digital signature generation method and system of threshold cryptography | |
JP2021515271A (en) | Computer-based voting process and system | |
CN108028751B (en) | System, computer-readable medium, and method for mobile proactive secret sharing | |
CN112380495B (en) | Secure multiparty multiplication method and system | |
US9660813B1 (en) | Dynamic privacy management for communications of clients in privacy-preserving groups | |
CN108418810A (en) | Secret sharing method based on Hadamard matrix | |
CN111046411A (en) | Power grid data safe storage method and system | |
Tadayon et al. | Dynamic and verifiable multi‐secret sharing scheme based on Hermite interpolation and bilinear maps | |
Zhao et al. | Fuzzy identity-based dynamic auditing of big data on cloud storage | |
CN109510709B (en) | RSA-based (k, n) threshold signature method and device and electronic equipment | |
CN113205378A (en) | Electric energy transaction system based on block chain | |
US11329808B2 (en) | Secure computation device, secure computation authentication system, secure computation method, and program | |
KR102070061B1 (en) | Batch verification method and apparatus thereof | |
US11888977B2 (en) | Share generating device, share converting device, secure computation system, share generation method, share conversion method, program, and recording medium | |
Wang et al. | Dynamic threshold changeable multi‐policy secret sharing scheme | |
CN109617674A (en) | The cryptographic key distribution method cooperated between multiple key management systems | |
US9558359B1 (en) | Information theoretically secure protocol for mobile proactive secret sharing with near-optimal resilience |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20190723 |