扩展形式秘密共享体制的研究与设计

发布时间：2018-03-13 21:36

本文选题：秘密共享体制　切入点：防欺骗函数　出处：《西安电子科技大学》2014年硕士论文　论文类型：学位论文

【摘要】：随着信息社会的发展,信息安全越来越多地受到人们的广泛关注。在对信息安全起核心作用的密码学中,一个加密或签名算法所用的密钥的安全保密问题至为关键,尤其是在多层安全建设中处于顶级的这样密钥(以下称为主密钥),若交给单独一位管理员来保管,在操作上可能有以下的弊端:(1)每次都需要这位管理员出席方能得到这个主密钥;(2)若这位管理员发生意外不幸丧生,则这个主密钥将从此失落,影响系统操作;(3)若这位管理员将此主密钥出卖给他人,就将危害到整个系统的安全。运用秘密共享技术可以彻底地解决上述问题。所谓的秘密共享就是将要保管的秘密s(如上述中的主密钥)提供给一个参与者集合P的所有成员分开保管,当且仅当集合P的一个授权子集中的所有成员出示他们的秘密份额时才能恢复出共享秘密s,而非授权子集成员则得不到关于秘密s的任何信息。本文首先综述了秘密共享技术的研究状况;其次,提出了一个部分广播信道秘密共享体制,并在其安全性和效率方面给出了一些研究结果;第三,提出一个了防欺骗的秘密共享体制,并研究了其安全性的一些主要方面。具体地来说,本文的成果包括以下几个方面:1.部分广播是在一对多的信道分布下传输消息的,它的秘密共享方案构造等价于构造一个cover?free?family集合(任意t?1个信道都不包含有其他剩余信道的消息内容)。本文给出了一个构造cover?free?family集合的方法,然后对其效率(主要包括信道效率和通信效率)进行了分析。效率分析分在信道分布固定不变和变化两种情况下讨论进行:对于信道分布固定不变情形,用接入结构为?的秘密共享方案来构造;而对于信道分布变化情形,用完备的hash family来构造。推导的结果表明,它们的通信效率都比传统的在一对一信道上发送分享秘密的要高。2.传统的秘密共享体制一般由共享秘密生成算法和共享秘密恢复算法构成,防欺骗秘密共享体制的改进之处在于设计了一个有甄别功能的共享秘密恢复算法,它在没有出现欺骗者的时候,将恢复出秘密;而当出现欺骗者的时候,就会产生特殊符号。本文分别从任意有限域上多项式和乘法逆元角度,研究构造了两种防欺骗认证函数,并讨论了各种欺诈情况出现的条件及其相应的概率。
[Abstract]:With the development of information society, more and more people pay attention to information security. In particular, such a key, which is at the top of the multilayer security architecture (hereinafter referred to as the master key, is left to a single administrator to keep it). There may be the following malpractice in operation: 1) every time this administrator is present to get the master key, if the administrator accidentally dies, the master key will be lost from now on. If the administrator sells the master key to someone else, The security of the whole system will be jeopardized. The problem can be solved thoroughly by using the secret sharing technology. The secret sharing is that the secret ss to be kept (such as the master key in the above) is provided to a set of participants P. In the separate custody of all members of the. If and only if all members of an authorized subset of the set P show their secret share, then the shared secret s can be recovered, while the non-authorized subset member can not get any information about the secret s. The research status of secret sharing technology; Secondly, a partial broadcast channel secret sharing scheme is proposed, and some research results are given in terms of its security and efficiency. Thirdly, a deception-proof secret sharing scheme is proposed. And some main aspects of its security are studied. To be specific, the results of this paper include the following aspects: 1. Part of the broadcast transmits messages under a one-to-many channel distribution, and its secret sharing scheme is equivalent to constructing a cover1? Free? Family collection (arbitrary t? A single channel does not contain the message content of other remaining channels. Free? The method of family set is analyzed, and its efficiency (including channel efficiency and communication efficiency) is analyzed. The efficiency analysis is discussed in two cases: the channel distribution is invariant and the channel distribution is invariant. With the access structure? In the case of channel distribution variation, a complete hash family is used to construct the scheme. The derived results show that, Their communication efficiency is higher than that of the traditional one to one channel. 2. The traditional secret sharing scheme is generally composed of shared secret generation algorithm and shared secret recovery algorithm. The improvement of the anti-deception secret sharing system lies in the design of a discriminating algorithm for the restoration of shared secrets, which recovers secrets when there are no spoofers, and when deceivers appear, In this paper, we study and construct two kinds of anti-deception authentication functions from the angles of polynomial and multiplication inverse element on arbitrary finite fields, and discuss the conditions and the corresponding probability of various kinds of fraud cases.
【学位授予单位】：西安电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TN918.4

【相似文献】