書誌事項
- タイトル別名
-
- How to Verify the Threshold t of Shamir's (t n)-Threshold Scheme
- セキュリティ基盤技術
この論文をさがす
抄録
In the Shamir (t n)-threshold scheme the dealer constructs a random polynomial f(x) ∈ GF(p)[x] of degree at most t ? 1 in which the constant term is the secret K ∈ GF(p). However if the chosen polynomial f(x) is of degree less than t ? 1 then a conspiracy of any t ? 1 participants can reconstruct the secret K; on the other hand if the degree of f(x) is greater than t ? 1 then even t participants can not reconstruct the secret K properly. To prevent these from happening the degree of the polynomial f(x) should be exactly equal to t ? 1 if the dealer claimed that the threshold of this scheme is t. There also should be some ways for participants to verify whether the threshold is exactly t or not. A few known verifiable threshold schemes provide such ability but the securities of these schemes are based on some cryptographic assumptions. The purpose of this paper is to propose some threshold-verification protocols for the Shamir (t n)-threshold scheme from the viewpoint of unconditional security.
In the Shamir (t, n)-threshold scheme, the dealer constructs a random polynomial f(x) ∈ GF(p)[x] of degree at most t 竏驤 1 in which the constant term is the secret K ∈ GF(p). However, if the chosen polynomial f(x) is of degree less than t 竏驤 1, then a conspiracy of any t 竏驤 1 participants can reconstruct the secret K; on the other hand, if the degree of f(x) is greater than t 竏驤 1, then even t participants can not reconstruct the secret K properly. To prevent these from happening, the degree of the polynomial f(x) should be exactly equal to t 竏驤 1 if the dealer claimed that the threshold of this scheme is t. There also should be some ways for participants to verify whether the threshold is exactly t or not. A few known verifiable threshold schemes provide such ability but the securities of these schemes are based on some cryptographic assumptions. The purpose of this paper is to propose some threshold-verification protocols for the Shamir (t, n)-threshold scheme from the viewpoint of unconditional security.
収録刊行物
-
- 情報処理学会論文誌
-
情報処理学会論文誌 46 (8), 1824-1833, 2005-08-15
東京 : 情報処理学会
- Tweet
詳細情報 詳細情報について
-
- CRID
- 1050282812859341568
-
- NII論文ID
- 110002769772
-
- NII書誌ID
- AN00116647
-
- ISSN
- 18827764
- 03875806
-
- NDL書誌ID
- 7464068
-
- 本文言語コード
- en
-
- 資料種別
- journal article
-
- データソース種別
-
- IRDB
- NDL
- CiNii Articles
- KAKEN