Your SlideShare is downloading.
×

×

Saving this for later?
Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.

Text the download link to your phone

Standard text messaging rates apply

Like this presentation? Why not share!

- secret sharing schemes by wonloser 1301 views
- Secret sharing schemes by wonloser 600 views
- The Secret is Sharing by Lori Carmona 875 views
- public-key cryptography Shamir by Information Secur... 353 views
- Chapter 10 Association Rules by Tommy96 8266 views
- Visual CryptoGraphy by pallavikhandekar212 7871 views

2,600

Published on

We rely on secrets such as safe combinations, PIN codes, computer passwords, etc. But so many things happen to lose secretes. …

We rely on secrets such as safe combinations, PIN codes, computer passwords, etc. But so many things happen to lose secretes.

1. Secrets can be lost.

2. Documents get destroyed.

3. Hard disks fail

4. People forget

5. People leave companies,

6. people die...

One way to avoid such problems :-

Divide secret data (D) in to pieces (n)

* Knowledge of some pieces (k) enables to derive secret data (D)

* Knowledge of any pieces (k-1) makes secret data (D) completely undetermined.

Such a scheme is called a (k, n) threshold scheme.

This presentation provides a in depth view of Shamir's Secret Sharing Scheme.

No Downloads

Total Views

2,600

On Slideshare

0

From Embeds

0

Number of Embeds

8

Shares

0

Downloads

84

Comments

0

Likes

1

No embeds

No notes for slide

- 1. How to share a secret by Adi Shamir Damitha Premadasa. Kelum Senanayake.
- 2. Introduction About author Adi Shamir  An Israeli cryptographer born July 6, 1952.  He is a co-inventor of the RSA algorithm, Feige-Fiat-Shamir Identification Scheme.  One of the inventors of Differential Cryptanalys.  Has made numerous contributions to the fields of cryptography and computer science. We rely on secrets such as safe combinations, PIN codes, computer passwords, etc.  Secrets can be lost.  Documents get destroyed, Hard disks fail,  People forget, People leave companies, People die...
- 3. Example key management scenario Eleven scientists are working on a secret project. They wish to lock up the documents in a cabinet. The cabinet can be opened if and only if six or more of the scientists are present.  What is the smallest number of locks needed?  What is the smallest number of keys to the locks each scientist must carry? Minimal solution uses 462 locks and 252 keys per scientist. Drawbacks:  These numbers are clearly impractical  Becomes exponentially worse when the number of scientists increases
- 4. Key management/cryptographicschemes What is a Key management system.  Key management is the provisions made in a cryptography system design that are related to generation, exchange, storage, safeguarding, use, vetting, and replacement of keys. Properties of key management schemes  Safety  Convenience
- 5. Shamirs secret-sharing scheme Why Threshold schemes? Secret sharing scheme,  Divide secret data (D) in to pieces (n)  Knowledge of some pieces (k) enables to derive secret data (D)  Knowledge of any pieces (k-1) makes secret data (D) completely undetermined. Such a scheme is called a (k, n) threshold scheme. Easily computable when have necessary data available Avoid single point of failure, increase reliability and security Safety and convenience
- 6. Shamirs secret-sharing scheme (A simple(k, n) threshold scheme) Suppose using ( k, n ) threshold scheme to share our secret S. Choose at random k-1 coefficients a1, a2,.., a(k-1) and let a0=S. Build the polynomial. q(x) = a0 + a1 * x + a2 *x2 + ... a(k-1) * x(k-1) Construct D1=q(1), ..., Di=q(i), ..., Dn=q(n). Given any subset of k pairs, can find S using interpolation The secret is the constant term a0.
- 7. Shamirs Secret Sharing scheme The essential idea of Adi Shamirs threshold scheme,  2 points are sufficient to define a line.  3 points are sufficient to define a parabola.  4 points to define a cubic curve and so forth.  k points to define a polynomial of degree (k - 1)
- 8. Example S = 1234, n = 6, k = 3 At random we obtain 2 numbers: a1 = 166, a2 = 94. Our polynomial to produce secret shares (points) is therefore: q(x) = 1234 + 166 x + 94x2 We construct 6 points from the polynomial: (1,1494); (2,1942); (3,2578); (4,3402); (5,4414); (6,5614) We give each participant a different single point (both x and q(x) ).
- 9. Example contd… Reconstruction the secret, In order to reconstruct the secret any 3 points will be enough. Let us consider (2,1942); (4,3402); (5,4414); Using Lagrange basis polynomials, it is possible to construct q(x) hence S value can be derived.
- 10. Example contd…Let us considerWe will compute Lagrange basis polynomials:
- 11. Example contd…Therefore,
- 12. Useful properties of (k, n) thresholdscheme Secure. Minimal: The size of each piece does not exceed the size of the original data. Extensible: When k is kept fixed, Di pieces can be dynamically added or deleted without affecting the other pieces. Dynamic: Security can be easily enhanced without changing the secret, but by changing the polynomial occasionally (keeping the same free term) and constructing new shares to the participants.
- 13. Useful properties contd.. Flexible: In organizations where hierarchy is important, we can supply each participant different number of pieces according to his importance inside the organization. For instance, the president can unlock the safe alone, whereas 3 secretaries are required together to unlock it. Efficient algorithms [O(n log2 n)] available for polynomial evaluation and interpolation
- 14. Available Implementations http://sourceforge.net/projects/secretsharejava/ http://www.christophedavid.org/w/c/w.php/Calculators/Sh amirSecretSharing http://point-at-infinity.org/ssss/demo.html http://www.buttsoft.com/software/tontine/ http://www.buttsoft.com/software/tontine/java.html
- 15. Q&A Thank You

Be the first to comment