1. Secure Schemes for Secret Sharing and Key
Distribution
N. Chandramowliswaran, P. Muralikrishna and S. Srinivasan
School of Advanced Sciences,
Vellore Institute of Technology,
Vellore 632 014,
India.
e-mail: smrail@gmail.com
Abstract
In resent years the security of operations taking place over a computer
network become very important. It is necessary to protect such actions
against bad users who may try to misuse the system (e.g. steal credit
card numbers, read personal mail, or impersonate other users.) Many
protocols and schemes were designed to solve problem of this type. This
paper deals with two fundamental cryptographic tools that are useful in such
contexts: generalized secret sharing scheme and key distribution schemes.
Both secret sharing schemes and key distribution schemes are used in multi-
party systems. secret sharing schemes enables some predetermined sets of
parties to reconstruct a given secret. In this paper we have shown a novel
key pre distribution algorithm based on number theory which uses Chineese
Remainder Theorem (CRT), Continued fractions (CF) and pell’s equation.
1 Introduction
Secret sharing (also called secret splitting) refers to method for distributing a
secret amongst a group of participants, each of whom is allocated a share of the
1
2. 2
secret. The secret can be reconstructed only when a sufficient number, of possibly
different types, of shares are combined together; individual shares are of no use
on their own.
Secret sharing was invented independently by Adi Shamir [6] and George
Blakley [7] in 1979. Secret sharing schemes are ideal for storing information that is
highly sensitive and highly important. Examples include: encryption keys, missile
launch codes, and numbered bank accounts. Each of these pieces of information
must be kept highly confidential, as their exposure could be disastrous, however,
it is also critical that they not be lost. Traditional methods for encryption are
ill-suited for simultaneously achieving high levels of confidentiality and reliability.
This is because when storing the encryption key, one must choose between keeping
a single copy of the key in one location for maximum secrecy, or keeping multiple
copies of the key in different locations for greater reliability. Increasing reliability
of the key by storing multiple copies lowers confidentiality by creating additional
attack vectors; there are more opportunities for a copy to fall into the wrong
hands. Secret sharing schemes address this problem, and allow arbitrarily high
levels of confidentiality and reliability to be achieved.
A secure secret sharing scheme distributes shares so that anyone with fewer
than 𝑡 shares has no extra information about the secret than someone with 0
shares.
Consider for example the secret sharing scheme in which the secret phrase
security is divided into the shares 𝑠𝑒−−−−−−, −−𝑐𝑢−−−−, −−−−𝑟𝑖−−,
and − − − − − − 𝑡𝑦. A person with 0 shares knows only that the password
consists of eight letters. He would have to guess the password from 268
= 208
billion possible combinations. A person with one share, however, would have to
guess only the six letters, from 266
= 308 million combinations, and so on as
more persons collude. Consequently this system is not a secure secret sharing
scheme, because a player with fewer than t secret-shares is able to reduce the
problem of obtaining the inner secret without first needing to obtain all of the
necessary shares.
More generally, (𝑛; 𝑘) secret sharing is the problem of distributing a secret
3. 3
number 𝑠 among 𝑛 people so that no 𝑘 − 1 of them have any information
about 𝑠 but 𝑘 of them can determine 𝑠. Shamir’s secret sharing does this by
giving the 𝑛 -th party 𝑓(𝑛), where 𝑓 is an appropriately chosen polynomial. The
dealer Dan picks random field elements 𝑎1, 𝑎2, . . . , 𝑎𝑘−1, and uses the polynomial
𝑓(𝑡) = 𝑠 + 𝑎1𝑡 + 𝑎2𝑡2
+ ⋅ ⋅ ⋅ + 𝑎𝑘−1𝑡𝑘−1
. He gives the 𝑛 -th person 𝑓(𝑛). For
𝑘 people to recover the secret, they just pool their shares and use Lagrange
interpolation to find the unique degree 𝑘 − 1 polynomial passing through the 𝑘
points. (Lagrange interpolation works over any field. In practice, a large finite
field would probably be used.) The secret is just the constant term. Any 𝑘 − 1
people have no knowledge about 𝑠. They have 𝑘 − 1 points on the polynomial,
but there is a degree 𝑘 − 1 polynomial going through their 𝑘 − 1 points and
(0, 𝑡) for any integer 𝑡, so their combined knowledge reveals nothing about 𝑠.
The current trend towards cloud computing means that more and more data
is being processed and stored by online resources beyond physical and logical
control of the owner. It is a simple task for an adversary to intercept, copy, and
store any data sent across a public network and from this point on, confidentiality
is determined solely by the original encryption scheme. Hence re-encryption is
useless, and even deletion of data cannot be guaranteed.
Current cryptographic schemes in wide deployment today, such as RSA, Dife
Hellman, and AES, do not over long term confidentiality guarantees. This
is because concrete security is based on the current infeasibility of a specific
computational problem, such as factoring a 1024 -bit RSA modulus or computing
a 128 -bit AES key, and there are no known techniques to prove the hardness of
such problems.
We mention several related survey articles which overlap to some extent with
our exposition [1][2][3][4][5]
One of the standard topics in a first course in number theory is the Euler 𝜙
function, with 𝜙(𝑛) defined as the number of positive integers less than 𝑛 and
relatively prime to 𝑛. A famous theorem involving 𝜙 is that suppose 𝑎 and 𝑏
are any two positive integers with (𝑎, 𝑏) = 1 then 𝑎𝜙(𝑏)
+𝑏𝜙(𝑎)
≡ 1(𝑚𝑜𝑑 𝑎𝑏). The
Chinese Remainder Theorem (CRT) can also be used in secret sharing, there are
4. 4
two secret sharing schemes that make use of the Chinese Remainder Theorem,
Mignotte’s and Asmuth-Bloom’s Schemes. They are threshold secret sharing
schemes, in which the shares are generated by reduction modulo the integers
𝑚𝑖, and the secret is recovered by essentially solving the system of congruences
using the Chinese Remainder Theorem.
Theorem 1.0. (Chinese Remainder Theorem)
Suppose that 𝑚1, 𝑚2, . . . , 𝑚𝑟 are pairwise relatively prime positive integers, and
let 𝑎1, 𝑎2, . . . , 𝑎𝑟 be integers. Then the system of congruences, 𝑥 ≡ 𝑎𝑖(𝑚𝑜𝑑 𝑚𝑖)
for 1 ≤ 𝑖 ≤ 𝑟, has a unique solution modulo 𝑀 = 𝑚1 × 𝑚2 × . . . × 𝑚𝑟, which is
given by: 𝑥 ≡ 𝑎1𝑀1𝑦1 + 𝑎2𝑀2𝑦2 + . . . + 𝑎𝑟𝑀𝑟𝑦𝑟(𝑚𝑜𝑑 𝑀), where 𝑀𝑖 = 𝑀
𝑚𝑖
and
𝑦𝑖 ≡ (𝑀𝑖)−1
(𝑚𝑜𝑑 𝑚𝑖) for 1 ≤ 𝑖 ≤ 𝑟.
2 Main Results
Lemma 2.1. Let 𝑝, 𝑞 and 𝑟 be three given distinct odd primes. Then there exist
integers 𝑘1, 𝑘2 and 𝑘3 such that
𝑘1𝑝(𝑞𝑟−1
+ 𝑟𝑞−1
) + 𝑘2𝑞(𝑝𝑟−1
+ 𝑟𝑞−1
) + 𝑘3𝑟(𝑝𝑞−1
+ 𝑞𝑝−1
) + 2 ≡ 0 (𝑚𝑜𝑑 𝑝𝑞𝑟).
Proof:
Define: 𝑋 = (𝑝𝑞−1
+ 𝑞𝑝−1
) + (𝑝𝑟−1
+ 𝑟𝑝−1
) + (𝑞𝑟−1
+ 𝑟𝑞−1
) − 2. Then
𝑋 ≡ (𝑞𝑟−1
+ 𝑟𝑞−1
)(𝑚𝑜𝑑𝑝)
𝑋 ≡ (𝑝𝑟−1
+ 𝑟𝑝−1
)(𝑚𝑜𝑑𝑞) and
𝑋 ≡ (𝑝𝑞−1
+ 𝑞𝑝−1
)(𝑚𝑜𝑑𝑟).
By CRT, the above system of congruences has exactly one solution modulo the
product 𝑝𝑞𝑟.
Define 𝑀 = 𝑝𝑞𝑟
𝑀𝑝 = 𝑀
𝑝 = 𝑞𝑟, 𝑀𝑞 = 𝑀
𝑞 = 𝑝𝑟 and 𝑀𝑟 = 𝑀
𝑟 = 𝑝𝑞.
Since (𝑀𝑝, 𝑝) = 1, then there is a unique 𝑀′
𝑝 such that 𝑀𝑝 𝑀′
𝑝 ≡ 1 (𝑚𝑜𝑑 𝑝).
Similarly there are unique 𝑀′
𝑞 and 𝑀′
𝑟 such that
𝑀𝑞 𝑀′
𝑞 ≡ 1 (𝑚𝑜𝑑 𝑞) and 𝑀𝑟 𝑀′
𝑟 ≡ 1 (𝑚𝑜𝑑 𝑟).
Consider
𝑋 ≡ ((𝑝𝑞−1
+𝑞𝑝−1
)𝑀𝑟 𝑀′
𝑟+(𝑝𝑟−1
+𝑟𝑝−1
)𝑀𝑞 𝑀′
𝑞+(𝑞𝑟−1
+𝑟𝑞−1
)𝑀𝑝 𝑀′
𝑝) (𝑚𝑜𝑑 𝑝𝑞𝑟)
5. 5
𝑝𝑞−1
+ 𝑞𝑝−1
+ 𝑝𝑟−1
+ 𝑟𝑝−1
+ 𝑞𝑟−1
+ 𝑟𝑞−1
− 2
≡ ((𝑝𝑞−1
+𝑞𝑝−1
)𝑀𝑟 𝑀′
𝑟 +(𝑝𝑟−1
+𝑟𝑝−1
)𝑀𝑞 𝑀′
𝑞 +(𝑞𝑟−1
+𝑟𝑞−1
)𝑀𝑝 𝑀′
𝑝) (𝑚𝑜𝑑 𝑝𝑞𝑟)
−2 ≡ ((𝑝𝑞−1
+ 𝑞𝑝−1
)(𝑀𝑟 𝑀′
𝑟 − 1) + (𝑝𝑟−1
+ 𝑟𝑝−1
)(𝑀𝑞 𝑀′
𝑞 − 1)
+(𝑞𝑟−1
+ 𝑟𝑞−1
)(𝑀𝑝 𝑀′
𝑝 − 1)) (𝑚𝑜𝑑 𝑝𝑞𝑟)
Thus
𝑘1𝑝(𝑞𝑟−1
+ 𝑟𝑞−1
) + 𝑘2𝑞(𝑝𝑟−1
+ 𝑟𝑞−1
) + 𝑘3𝑟(𝑝𝑞−1
+ 𝑞𝑝−1
) + 2 ≡ 0 (𝑚𝑜𝑑 𝑝𝑞𝑟).
Theorem 2.0. Let 𝑆 be the given secret and 𝑁 = 𝑝𝑞𝑟 where 𝑝, 𝑞 and 𝑟 are
distinct large odd primes. Define three secret shareholders 𝑌1, 𝑌2, 𝑌3 as follows:
𝑌1 ≡ (−𝑆𝑘1𝑝(𝑞𝑟−1
+ 𝑟𝑞−1
)) (𝑚𝑜𝑑 𝑁), 𝑌2 ≡ (−𝑆𝑘2𝑞(𝑝𝑟−1
+ 𝑟𝑝−1
)) (𝑚𝑜𝑑 𝑁) and
𝑌3 ≡ (−𝑆(𝑘3𝑟(𝑝𝑞−1
+ 𝑞𝑝−1
) + 1)) (𝑚𝑜𝑑𝑁) then 𝑆 = 𝑌1 + 𝑌2 + 𝑌3(𝑚𝑜𝑑 𝑁)
Proof: By the above Lemma 2.1, we have
𝑘1𝑝(𝑞𝑟−1
+ 𝑟𝑞−1
) + 𝑘2𝑞(𝑝𝑟−1
+ 𝑟𝑞−1
) + 𝑘3𝑟(𝑝𝑞−1
+ 𝑞𝑝−1
) + 2 ≡ 0 (𝑚𝑜𝑑 𝑁).
1 ≡ (−(𝑘1𝑝(𝑞𝑟−1
+𝑟𝑞−1
))−(𝑘2𝑞(𝑝𝑟−1
+𝑟𝑞−1
))−(𝑘3𝑟(𝑝𝑞−1
+𝑞𝑝−1
)+1)) (𝑚𝑜𝑑 𝑁)
Thus 𝑆 = 𝑌1 + 𝑌2 + 𝑌3(𝑚𝑜𝑑 𝑁).
Algorithm 1.
∙ Choose two secret very large odd primes 𝑟1, 𝑟2 with 𝑟1 > 𝑟2
∙ Construct 𝑥2
+ 1 = (𝑟2
1 + 𝑟2
2)𝑦
∙ Select two large odd primes 𝑝 and 𝑞
∙ Define 𝑛 = 𝑝𝑞 then 𝜙(𝑛) = (𝑝−1)(𝑞−1) Where 𝜙(𝑛) is Euler phi function
∙ Select a random 𝑒 such that [ 1 < 𝑒 < 𝜙(𝑛) ] (𝑒, 𝜙(𝑛)) = 1
∙ For an 𝑒 there is a unique 𝑑 such that 𝑒𝑑 ≡ 1(𝑚𝑜𝑑 𝜙(𝑛))
∙ consider 𝑎 = (𝑟2
1 + 𝑟2
2)(𝑦 + 𝑑) − (𝑥 + 𝜙(𝑛))2
𝑎 = (𝑟2
1 + 𝑟2
2)𝑦 − 𝑥2
+ (𝑟2
1 + 𝑟2
2)𝑑 − [𝜙(𝑛)]2
− 2𝑥𝜙(𝑛)
= 1 + (𝑟2
1 + 𝑟2
2)𝑑 − [𝜙(𝑛)]2
− 2𝑥𝜙(𝑛)
𝑎 ≡ 1 + (𝑟2
1 + 𝑟2
2)𝑑(𝑚𝑜𝑑 𝜙(𝑛))
𝑎𝑒 ≡ 𝑒 + (𝑟2
1 + 𝑟2
2)(𝑚𝑜𝑑 𝜙(𝑛))
𝑠 ≡ 𝑒(𝑚𝑜𝑑 𝜙(𝑛)) where 𝑠 = 𝑎𝑒 − (𝑟2
1 + 𝑟2
2)
6. 6
∙ Public key: (𝑠, 𝑛)
∙ Represent the message 𝑚 in the interval [0, 𝑛 − 1] with (𝑚, 𝑛) = 1
∙ Encryption
𝐸 ≡ 𝑚𝑠
(𝑚𝑜𝑑 𝑛)
≡ 𝑚𝑘𝜙(𝑛)+𝑒
(𝑚𝑜𝑑 𝑛)
≡ 𝑚𝑘𝜙(𝑛)
𝑚𝑒
(𝑚𝑜𝑑 𝑛)
≡ [𝑚𝜙(𝑛)
]𝑘
𝑚𝑒
(𝑚𝑜𝑑 𝑛)
≡ 𝑚𝑒
(𝑚𝑜𝑑 𝑛)
∙ Key distribution: Choose ℓ share holders then 𝑒 = 𝑘1 + 𝑘2 + ⋅ ⋅ ⋅ + 𝑘ℓ
𝐸 ≡ 𝑚𝑒
(𝑚𝑜𝑑 𝑛)
𝐸 ≡ 𝑚𝑘1+𝑘2+⋅⋅⋅+𝑘ℓ
(𝑚𝑜𝑑 𝑛)
𝐸 ≡ 𝑚𝑘1
𝑚𝑘2
. . . 𝑚𝑘ℓ
(𝑚𝑜𝑑 𝑛)
∙ For ℓ share holders we can distribute ℓ key’s such as 𝑚𝑘1
, 𝑚𝑘2
, . . . , 𝑚𝑘ℓ
.
Algorithm 2.
∙ Select a secret odd prime integer 𝑟
∙ Consider the Diophantine Equation:
𝑦2
− 𝑟𝑥2
= 1 (1)
∙ Let (𝑥0, 𝑦0) be the least positive integral solution of (1). Here 𝑥0, 𝑦0 are
kept secret
∙ Select two large odd primes 𝑝 and 𝑞
∙ Define 𝑛 = 𝑝𝑞 then 𝜙(𝑛) = (𝑝−1)(𝑞−1) Where 𝜙(𝑛) is Euler phi function
∙ Select a random 𝑒 such that [ 1 < 𝑒 < 𝜙(𝑛) ] such that (𝑒, 𝜙(𝑛)) = 1
∙ For an 𝑒 there is a unique 𝑑 such that 𝑒𝑑 ≡ 1(𝑚𝑜𝑑 𝜙(𝑛))
∙ consider 𝑎 = (𝑦0 + 𝜙(𝑛))2
− 𝑟(𝑥0 + 𝑒)2
(2)
∙ 𝑒3
is not congruent to 1(𝑚𝑜𝑑 𝜙(𝑛)) and 𝑑3
is not congruent to
1(𝑚𝑜𝑑 𝜙(𝑛))
7. 7
∙ From (2) 𝑎𝑑3
+ 𝑟𝑑 + 2𝑥0𝑑2
𝑟 ≡ 𝑑3
(𝑚𝑜𝑑 𝜙(𝑛))
∙ Let 𝑆 = 𝑎𝑑3
+ 2𝑥0𝑑2
𝑟 + 𝑟𝑑 then 𝑆 ≡ 𝑑3
(𝑚𝑜𝑑 𝜙(𝑛))
∙ Public key: (𝑠, 𝑛)
∙ Represent the message 𝑚 in the interval [0, 𝑛 − 1] with (𝑚, 𝑛) = 1
∙ Encryption
𝐸 ≡ 𝑚𝑠
(𝑚𝑜𝑑 𝑛)
≡ 𝑚𝑘𝜙(𝑛)+𝑑3
(𝑚𝑜𝑑 𝑛)
≡ 𝑚𝑘𝜙(𝑛)
𝑚𝑑3
(𝑚𝑜𝑑 𝑛)
≡ [𝑚𝜙(𝑛)
]𝑘
𝑚𝑑3
(𝑚𝑜𝑑 𝑛)
≡ 𝑚𝑑3
(𝑚𝑜𝑑 𝑛)
∙ Key distribution: Choose ℓ share holders then 𝑑3
= 𝑘1 + 𝑘2 + ⋅ ⋅ ⋅ + 𝑘ℓ
𝐸 ≡ 𝑚𝑑3
(𝑚𝑜𝑑 𝑛)
𝐸 ≡ 𝑚𝑘1+𝑘2+⋅⋅⋅+𝑘ℓ
(𝑚𝑜𝑑 𝑛)
𝐸 ≡ 𝑚𝑘1
𝑚𝑘2
. . . 𝑚𝑘ℓ
(𝑚𝑜𝑑 𝑛)
∙ For ℓ share holders we can distribute ℓ key’s such as 𝑚𝑘1
, 𝑚𝑘2
, . . . , 𝑚𝑘ℓ
.
Algorithm 3.
∙ Let 𝑝, 𝑞, 𝑟 and 𝑠 be the given distinct secrete odd primes.
∙ Define 𝑢 = 𝑝 𝑞 and 𝑣 = 𝑟 𝑠
∙ Select 𝑎, 𝑏 such that (𝑎, 𝑢) = 1 and (𝑏, 𝑣) = 1
∙ Select two positive integers 𝑒, 𝑓 such that
(𝑒, (𝑝 − 1)(𝑞 − 1)) = 1 and (𝑓, (𝑟 − 1)(𝑠 − 1)) = 1
∙ Select a common secret 𝑡 with 𝑝, 𝑞, 𝑟, 𝑠 should not divide 𝐻
∙ Define 𝑥1, 𝑥2 as follows:
𝑥1 ≡ 𝑎𝑡𝑒
(𝑚𝑜𝑑 𝑈)
𝑥2 ≡ 𝑏𝑡𝑓
(𝑚𝑜𝑑 𝑉 )
∙ Solve 𝑡 uniquely under (𝑚𝑜𝑑 𝑈𝑉 ) using Chineese Remainder Theorem
8. 8
∙ 𝑡 is the common secret shared by 𝑥1 and 𝑥2
BC code
∙ Let 𝑁 be a fixed positive integer
∙ Define 𝜙(𝑖,𝑁) =∣ {𝑥 ∣ 𝑖 ≤ 𝑥 ≤ 𝑁 𝑤𝑖𝑡ℎ (𝑥, 𝑁) = 1} ∣ where 𝑖 ∈ {1, 2, . . . , 𝑁}
∙ Define the 𝐵𝐶 code for 𝑁 ( 𝐵𝐶𝑁 ) as follows:
𝐵𝐶𝑁 = (𝜙(1,𝑁), 𝜙(2,𝑁), . . . , 𝜙(𝑁−1,𝑁), 𝜙(𝑁,𝑁))
Remark
For every positive integer 𝑁 we can write a unique 𝐵𝐶 code
Theorem 2.0. Let 𝑁 be any positive integer. Then 𝑁 is a prime if and only
if there exist a unique 𝐵𝐶 code such that 𝐵𝐶𝑁 = (𝑁 − 1, 𝑁 − 2, . . . , 2, 1, 0).
∙ Let 𝑁 be an odd positive integer
∙ Let 𝑆𝑁 = {1, 2, 3, . . . , 𝑁 − 1, 𝑁}
∙ Define 𝐴 = {𝑥 ∈ 𝑆𝑁 ∣ 1 ≤ 𝑥 ≤ 𝑁, (𝑥, 𝑁) = 1} where 𝑔𝑐𝑑{𝑥, 𝑁} = 1 =
(𝑥, 𝑁)
∙ For each 𝑒 with (𝑒, 𝜙(𝑁)) = 1, the map 𝑥 −→ 𝑥𝑒
is a permutation on 𝐴
∙ ∣ 𝐴 ∣ = 𝜙(𝑁) = 𝑁
∏
𝑝∣𝑁
(
1 − 1
𝑝
)
, where the product is over the distinct
prime numbers dividing 𝑁
∙ Let 𝑓 : 𝐴 −→ 𝐴 with 𝑓(𝑥) = 𝑁 − 𝑥, ∀𝑥 ∈ 𝐴
Then 𝑓 is bijective on 𝐴
∙ Define 𝑆1 =
∑
𝑥∈𝐴
𝑥 and 𝑆1 =
∑
𝑥∈𝐴
𝑁 − 𝑥
Then 2𝑆1 =
∑
(𝑥,𝑁)=1
𝑁 = 𝑁𝜙(𝑁)
𝑆1 = 𝑁𝜙(𝑁)
2
∙ Define 𝐵 = {𝑥 ∈ 𝐴 ∣ (𝑥 + 1, 𝑁) = 1}
∙ ∣ 𝐵 ∣ = 𝜓(𝑁) = 𝑁
∏
𝑝∣𝑁
(
1 − 2
𝑝
)
, where the product is over the distinct
prime numbers dividing 𝑁 ( 𝐵 is non empty if and only if 𝑁 is odd)
9. 9
∙ Let 𝑔 : 𝐵 −→ 𝐵 with 𝑔(𝑦) = 𝑁 − 𝑦 − 1, ∀𝑦 ∈ 𝐵
Then 𝑔 is bijective on 𝐵
∙ Define 𝑆2 =
∑
𝑦∈𝐵
𝑦 and 𝑆2 =
∑
𝑦∈𝐵
𝑁 − 𝑦 − 1
Then 2𝑆2 =
∑
(𝑥,𝑁)=(𝑥+1,𝑁)=1
𝑁 − 1 = (𝑁 − 1)𝜓(𝑁)
𝑆2 = 𝑁−1
2 𝜓(𝑁)
∙ Define 𝐶 = {𝑥 ∈ 𝐵 ∣ (𝑥 + 2, 𝑁) = 1}
∙ ∣ 𝐶 ∣ = 𝜂(𝑁) where the product is over the distinct prime numbers dividing
𝑁 ( 𝐶 is non empty if and only if 𝑁 is odd)
∙ Let ℎ : 𝐶 −→ 𝐶 with 𝑔(𝑧) = 𝑁 − 𝑧 − 2, ∀𝑧 ∈ 𝐵
Then ℎ is bijective on 𝐶
∙ Define 𝑆3 =
∑
𝑧∈𝐶
𝑧 and 𝑆3 =
∑
𝑧∈𝐶
𝑁 − 𝑧 − 2
Then 2𝑆3 =
∑
(𝑥,𝑁)=(𝑥+1,𝑁)=(𝑥+2,𝑁)=1
𝑁 − 2 = (𝑁 − 2)𝜂(𝑁)
𝑆3 = 𝑁−2
2 𝜂(𝑁)
Proposition 2.1. Let 𝑁 ≥ 3 be a given positive integer. Define a tree 𝑇𝑁
as follows, for each 𝑥 > 1 such that (𝑥, 𝑁) = 1, then there is a unique vertex
𝑣𝑥 ∈ 𝑉 (𝑇𝑁 ) with deg 𝑣𝑥 = 𝑥 and remaining all leaves, then prove that the number
of vertices of 𝑇𝑁 is 𝑛 = 𝜙(𝑁)
2 (𝑁 − 2) + 2.
Proof:
Let 𝑁 ≥ 3 be a positive integer then there exists 𝑥𝑖 such that gcd (𝑥𝑖, 𝑁) =
1, ∀𝑖 = {2, 3, . . . , 𝜙(𝑁)}. Construct a tree 𝑇𝑁 such that for each 𝑥𝑖 there exists
a unique vertex 𝑣𝑥𝑖
of degree 𝑥𝑖.
Clearly,
𝑛∑
𝑖=2
𝑑(𝑣𝑥𝑖
) = 2(𝑛 − 1)
(𝑁𝜙(𝑁)
2 − 1) + 𝑛 − (𝜙(𝑁) − 1) = 2𝑛 − 2 where 𝑉 (𝑇𝑁 ) = 𝑛.
Proposition 2.2. Let 𝑁 ≥ 3 be a positive integer. Construct a tree 𝑇𝑁 such
that for each 𝑥 > 1 with (𝑥, 𝑁) = (𝑥 + 1, 𝑁) = 1 then there is a unique vertex
𝑣𝑥 of degree 𝑥. Prove that the number of vertices of 𝑇𝑁 is 𝑛 = 𝜓(𝑁)
2 (𝑁 −3)+2.
10. 10
Proof:
Let 𝑁 ≥ 3 be a positive integer then there exists 𝑥𝑖 such that (𝑥𝑖, 𝑁) = 1, ∀𝑖 =
{2, 3, . . . , 𝜓(𝑁)}. Construct a tree 𝑇𝑁 such that for each 𝑥𝑖 there exists a unique
vertex 𝑣𝑥𝑖
of degree 𝑥𝑖.
Clearly,
𝑛∑
𝑖=2
𝑑(𝑣𝑥𝑖
) = 2(𝑛 − 1)
(𝑁−1
2 )𝜓(𝑁) − 1 + 𝑛 − (𝜓(𝑁) − 1) = 2𝑛 − 2 where 𝑉 (𝑇𝑁 ) = 𝑛.
Proposition 2.3. Let 𝑁 ≥ 3 be an odd positive integer. Construct a tree 𝑇𝑁
such that for each 𝑥 > 1 with (𝑥, 𝑁) = (𝑥+1, 𝑁) = (𝑥+2, 𝑁) = 1 then there
is a unique vertex 𝑣𝑥 of degree 𝑥. Prove that the number of vertices of 𝑇𝑁 is
𝑛 = ?.
Proof:
Let 𝑁 ≥ 3 be an odd positive integer then there exists 𝑥𝑖 such that (𝑥𝑖, 𝑁) = 1
(𝑥𝑖 + 1, 𝑁) = 1 and (𝑥𝑖 + 2, 𝑁) = 1, ∀𝑖 = {2, 3, . . . , 𝜂(𝑁)}. Construct a tree 𝑇𝑁
such that for each 𝑥𝑖 there exists a unique vertex 𝑣𝑥𝑖
of degree 𝑥𝑖.
Managing the shortage of Login ID Problems
𝐼𝐷1
𝑢𝑠𝑒𝑟7
𝑢𝑠𝑒𝑟 1
𝑢𝑠𝑒𝑟 13
𝑢𝑠𝑒𝑟 10 𝑢𝑠𝑒𝑟 9
𝑢𝑠𝑒𝑟 8𝑢𝑠𝑒𝑟 6
𝑢𝑠𝑒𝑟 2
𝑢𝑠𝑒𝑟 4
𝑢𝑠𝑒𝑟5
𝑢𝑠𝑒𝑟3
𝑢𝑠𝑒𝑟11
𝑢𝑠𝑒𝑟 15
𝑢𝑠𝑒𝑟12
𝑢𝑠𝑒𝑟 14
𝐼𝐷3 𝐼𝐷4
𝐼𝐷2 𝐼𝐷5
𝐼𝐷6
𝐼𝐷10
𝐼𝐷9
𝐼𝐷7
𝐼𝐷8
∙ There are 10 Login ID and 15 fifteen users in the given network
∙ Any two Login IDs can be utilized by at most one user
11. 11
∙ Every Login ID is used by exactly three users
∙ Represent the Login IDs by the nodes (vertices) of the graph 𝐺
∙ If there is a 𝑢𝑠𝑒𝑟 − 𝑗 using Login IDs 𝐿𝑜𝑔 𝐼𝐷𝑟 and 𝐿𝑜𝑔 𝐼𝐷𝑠, then join
them by an edge
𝐿𝑜𝑔 𝐼𝐷𝑟 𝐿𝑜𝑔 𝐼𝐷𝑠
𝑢𝑠𝑒𝑟 𝑗
∙ If the two users have a common Login ID then they are conflict users,
otherwise non-conflict users
Example Conflict users: 𝑢𝑠𝑒𝑟 − 1, 𝑢𝑠𝑒𝑟 − 2 and 𝑢𝑠𝑒𝑟 − 7, they have
common Login ID 𝐿𝑜𝑔 𝐼𝐷1
Non-Conflict users: 𝑢𝑠𝑒𝑟 − 2, 𝑢𝑠𝑒𝑟 − 5 and 𝑢𝑠𝑒𝑟 − 9
∙ Define 𝑉 (𝐺) = {𝑣𝑖 = 𝐿𝑜𝑔 𝐼𝐷𝑖 ∣ 1 ≤ 𝑖 ≤ 10}
Define 𝐸(𝐺) = {𝑘 = 𝑢𝑠𝑒𝑟 𝑘 ∣ 1 ≤ 𝑘 ≤ 15}
∙ Define 𝑓(𝑣𝑖) = 𝑓(𝐿𝑜𝑔 𝐼𝐷𝑖) = 𝜎(𝑖), where 𝜎 is a permutation on the set of
numbers {1, 2, . . . , 10}
This 𝜎(𝑖) is given for each 𝐿𝑜𝑔 𝐼𝐷𝑖
∙ Now define the graceful labeling 𝑔 on the set {𝜎(1), 𝜎(2), . . . , 𝜎(10)}
𝑔 : {𝜎(𝑖) : 1 ≤ 𝑖 ≤ 10} −→ {0, 1, 2, . . . , 𝑞 − 1, 𝑞}
Suppose
𝐿𝑜𝑔 𝐼𝐷𝑟 𝐿𝑜𝑔 𝐼𝐷𝑠
𝑢𝑠𝑒𝑟 𝑗
𝑔[𝑢𝑠𝑒𝑟 𝑗] =∣ 𝑔(𝜎(𝑟)) − 𝑔(𝜎(𝑠)) ∣∈ {1, 2, . . . , 𝑞}
where 1 ≤ 𝑟, 𝑠 ≤ 10, 𝑟 ∕= 𝑠
∙ 𝑔 : 𝐸(𝐺) −→ {1, 2, . . . , 𝑞}
∙ 𝑔 is kept secret, but 𝑔[𝑢𝑠𝑒𝑟 𝑗] is given for each 𝑢𝑠𝑒𝑟 𝑗
∙ 𝑔[𝑢𝑠𝑒𝑟 𝑗] is called 𝑢𝑠𝑒𝑟 − 𝐼𝐷
13. 13
𝐶 = {𝑢𝑠𝑒𝑟 − 4, 𝑢𝑠𝑒𝑟 − 7, 𝑢𝑠𝑒𝑟 − 8, 𝑢𝑠𝑒𝑟 − 15} :
𝑢𝑠𝑒𝑟 − 4 ←→ {𝐿𝑜𝑔 𝐼𝐷3, 𝐿𝑜𝑔 𝐼𝐷4}
𝑢𝑠𝑒𝑟 − 7 ←→ {𝐿𝑜𝑔 𝐼𝐷1, 𝐿𝑜𝑔 𝐼𝐷6}
𝑢𝑠𝑒𝑟 − 8 ←→ {𝐿𝑜𝑔 𝐼𝐷5, 𝐿𝑜𝑔 𝐼𝐷7}
𝑢𝑠𝑒𝑟 − 15 ←→ {𝐿𝑜𝑔 𝐼𝐷8, 𝐿𝑜𝑔 𝐼𝐷10}
𝐷 = {𝑢𝑠𝑒𝑟 − 6, 𝑢𝑠𝑒𝑟 − 10} :
𝑢𝑠𝑒𝑟 − 6 ←→ {𝐿𝑜𝑔 𝐼𝐷2, 𝐿𝑜𝑔 𝐼𝐷10}
𝑢𝑠𝑒𝑟 − 10 ←→ {𝐿𝑜𝑔 𝐼𝐷3, 𝐿𝑜𝑔 𝐼𝐷9}
∙ Define congruences equations for the set 𝐴, 𝐵, 𝐶 and 𝐷 as follows
𝑥 ≡ 𝑚2 (𝑚𝑜𝑑 𝑝1𝑝5)
𝑥 ≡ 𝑚5 (𝑚𝑜𝑑 𝑝2𝑝3)
𝑥 ≡ 𝑚9 (𝑚𝑜𝑑 𝑝4𝑝8)
𝑥 ≡ 𝑚11 (𝑚𝑜𝑑 𝑝6𝑝9)
𝑥 ≡ 𝑚13 (𝑚𝑜𝑑 𝑝7𝑝10)
𝑥 has a unique solution 𝑚𝑜𝑑( 𝑝1𝑝2 . . . 𝑝10)
Thus 𝑥 is the common secret shared by the group 𝐴 Non-Conflict users
𝑦 ≡ 𝑚1 (𝑚𝑜𝑑 𝑝1𝑝2)
𝑦 ≡ 𝑚3 (𝑚𝑜𝑑 𝑝4𝑝5)
𝑦 ≡ 𝑚12 (𝑚𝑜𝑑 𝑝6𝑝8)
𝑦 ≡ 𝑚14 (𝑚𝑜𝑑 𝑝7𝑝9)
𝑦 has a unique solution 𝑚𝑜𝑑( 𝑝1𝑝2𝑝4𝑝5𝑝6𝑝7𝑝8𝑝9)
Thus 𝑦 is the common secret shared by the group 𝐵 Non-Conflict users
𝑧 ≡ 𝑚4 (𝑚𝑜𝑑 𝑝3𝑝4)
𝑧 ≡ 𝑚7 (𝑚𝑜𝑑 𝑝1𝑝6)
𝑧 ≡ 𝑚8 (𝑚𝑜𝑑 𝑝5𝑝7)
𝑧 ≡ 𝑚15 (𝑚𝑜𝑑 𝑝8𝑝10)
𝑧 has a unique solution 𝑚𝑜𝑑( 𝑝1𝑝3𝑝4𝑝5𝑝6𝑝7𝑝8𝑝10)
Thus 𝑧 is the common secret shared by the group 𝐶 Non-Conflict users
𝑤 ≡ 𝑚6 (𝑚𝑜𝑑 𝑝2𝑝10)
14. 14
𝑤 ≡ 𝑚10 (𝑚𝑜𝑑 𝑝3𝑝9)
𝑤 has a unique solution 𝑚𝑜𝑑( 𝑝2𝑝3𝑝9𝑝10)
Thus 𝑤 is the common secret shared by the group 𝐷 Non-Conflict users
𝐼𝐷5
𝐼𝐷6 𝐼𝐷4
𝐼𝐷3 𝐼𝐷2
𝐼𝐷1
𝑢5
𝑢
4𝑢6
𝑢12
𝑢11
𝑢10 𝑢9
𝑢8
𝑢7
𝑢3
𝑢2
𝑢1
∙ There are 6 Login ID and 12 fifteen users in the given network
∙ Any two Login IDs can be utilized by at most one user
∙ Every Login ID is used by exactly four users
∙ Represent the Login IDs by the nodes (vertices) of the graph 𝐺
∙ If there is a 𝑢𝑠𝑒𝑟 − 𝑗 using Login IDs 𝐿𝑜𝑔 𝐼𝐷𝑟 and 𝐿𝑜𝑔 𝐼𝐷𝑠, then join
them by an edge
𝐿𝑜𝑔 𝐼𝐷𝑟 𝐿𝑜𝑔 𝐼𝐷𝑠
𝑢𝑠𝑒𝑟 𝑗
∙ If the two users have a common Login ID then they are conflict users,
otherwise non-conflict users
Example Conflict users: 𝑢𝑠𝑒𝑟 − 1, 𝑢𝑠𝑒𝑟 − 3, 𝑢𝑠𝑒𝑟 − 7 and 𝑢𝑠𝑒𝑟 − 12,
they have common Login ID 𝐿𝑜𝑔 𝐼𝐷1
Non-Conflict users: 𝑢𝑠𝑒𝑟 − 1, 𝑢𝑠𝑒𝑟 − 6 and 𝑢𝑠𝑒𝑟 − 10
15. 15
∙ Define 𝑉 (𝐺) = {𝑣𝑖 = 𝐿𝑜𝑔 𝐼𝐷𝑖 ∣ 1 ≤ 𝑖 ≤ 6}
Define 𝐸(𝐺) = {𝑘 = 𝑢𝑠𝑒𝑟 𝑘 ∣ 1 ≤ 𝑘 ≤ 12}
∙ Define 𝑓(𝑣𝑖) = 𝑓(𝐿𝑜𝑔 𝐼𝐷𝑖) = 𝜎(𝑖), where 𝜎 is a permutation on the set of
numbers {1, 2, . . . , 6}
This 𝜎(𝑖) is given for each 𝐿𝑜𝑔 𝐼𝐷𝑖
∙ Now define the graceful labeling 𝑔 on the set {𝜎(1), 𝜎(2), . . . , 𝜎(6)}
𝑔 : {𝜎(𝑖) : 1 ≤ 𝑖 ≤ 6} −→ {0, 1, 2, . . . , 𝑞 − 1, 𝑞}
Suppose
𝐿𝑜𝑔 𝐼𝐷𝑟 𝐿𝑜𝑔 𝐼𝐷𝑠
𝑢𝑠𝑒𝑟 𝑗
𝑔[𝑢𝑠𝑒𝑟 𝑗] =∣ 𝑔(𝜎(𝑟)) − 𝑔(𝜎(𝑠)) ∣∈ {1, 2, . . . , 𝑞}
where 1 ≤ 𝑟, 𝑠 ≤ 6, 𝑟 ∕= 𝑠
∙ 𝑔 : 𝐸(𝐺) −→ {1, 2, . . . , 𝑞}
∙ 𝑔 is kept secret, but 𝑔[𝑢𝑠𝑒𝑟 𝑗] is given for each 𝑢𝑠𝑒𝑟 𝑗
∙ 𝑔[𝑢𝑠𝑒𝑟 𝑗] is called 𝑢𝑠𝑒𝑟 − 𝐼𝐷
𝐿𝑜𝑔 𝐼𝐷𝑟 𝐿𝑜𝑔 𝐼𝐷𝑠
𝑢𝑠𝑒𝑟 𝑗
(𝜎(𝑟), 𝜎(𝑠)) are two Login IDs for the 𝑢𝑠𝑒𝑟 𝑗
∙ Entire Network is kept secret
∙ 𝒫 : 𝑉 (𝐺) −→ {𝑝1, 𝑝2, . . . , 𝑝6} where 𝑝𝑖, 1 ≤ 𝑖 ≤ 6 are distinct odd primes
with 𝑞 < 𝑚𝑖𝑛{𝑝𝑖}, 1 ≤ 𝑖 ≤ 6, 𝑞 < 𝑝𝑗∀𝑗 ( 𝒫 is kept secret)
𝐿𝑜𝑔 𝐼𝐷𝑟 𝐿𝑜𝑔 𝐼𝐷𝑠
𝑢𝑠𝑒𝑟 𝑗
𝜎(𝑟) 𝜎(𝑠)
𝑘𝑛𝑜𝑤𝑛
𝑔[𝑢𝑠𝑒𝑟 𝑗] is known 1 ≤ 𝑗 ≤ 12
∙ Define 𝑒𝑗 : (𝑒𝑗, (𝑝𝑟 − 1)(𝑝𝑠 − 1)) = 1 ( 𝑒𝑗 kept secret)
17. 17
𝑦 ≡ 𝑚12 (𝑚𝑜𝑑 𝑝1𝑝6) 𝑦 has a unique solution 𝑚𝑜𝑑( 𝑝1𝑝2 . . . 𝑝6)
Thus 𝑦 is the common secret shared by the group 𝐵 Non-Conflict users
𝑧 ≡ 𝑚7 (𝑚𝑜𝑑 𝑝1𝑝4)
𝑧 ≡ 𝑚9 (𝑚𝑜𝑑 𝑝2𝑝5)
𝑧 ≡ 𝑚11 (𝑚𝑜𝑑 𝑝3𝑝6) 𝑧 has a unique solution 𝑚𝑜𝑑( 𝑝1𝑝2 . . . 𝑝6)
Thus 𝑧 is the common secret shared by the group 𝐶 Non-Conflict users
𝑤 ≡ 𝑚1 (𝑚𝑜𝑑 𝑝1𝑝2)
𝑤 ≡ 𝑚6 (𝑚𝑜𝑑 𝑝4𝑝6)
𝑤 ≡ 𝑚10 (𝑚𝑜𝑑 𝑝3𝑝5) 𝑤 has a unique solution 𝑚𝑜𝑑( 𝑝1𝑝2 . . . 𝑝6)
Thus 𝑤 is the common secret shared by the group 𝐷 Non-Conflict users
𝐼𝐷11
𝐼𝐷10
𝐼𝐷12
𝐼𝐷9
𝐼𝐷8
𝐼𝐷7
𝐼𝐷6
𝐼𝐷5
𝐼𝐷4
𝐼𝐷3 𝐼𝐷2
𝐼𝐷1
∙ There are 12 persons and 30 users in the given network
∙ Any two persons can be utilized by at most one user
∙ Every person is used by exactly five users
∙ Represent the persons by the nodes (vertices) of the graph 𝐺
18. 18
∙ If there is a 𝑢𝑠𝑒𝑟 − 𝑗 using persons 𝐼𝐷𝑟 and 𝐼𝐷𝑠, then join them by an
edge
∙ Each persons have 𝑘 individual messages
i.e., 𝐼𝐷𝑟 have the message {𝑐𝑟1, 𝑐𝑟2, . . . , 𝑐𝑟𝑘}
∙ 𝑔 : 𝐸(𝐺) −→ {𝑝1, 𝑝2, . . . , 𝑝30}
∙ 𝑔 is kept secret, but 𝑔[𝑢𝑠𝑒𝑟 𝑗] is given for each 𝑢𝑠𝑒𝑟 𝑗
∙ 𝑔[𝑢𝑠𝑒𝑟 𝑗] is called 𝑢𝑠𝑒𝑟 − 𝐼𝐷
∙ For each person they have
(5
2
)
RS-prime
∙ Decompose the persons (vertices) into subset of 𝐼𝐷𝑠 (set of Independent
sets)
∙ 𝐴 = {𝐼𝐷1, 𝐼𝐷7, 𝐼𝐷12} :
𝐼𝐷1 ←→ {𝑝19, 𝑝22, 𝑝25, 𝑝28, 𝑝29}
𝐼𝐷7 ←→ {𝑝11, 𝑝15, 𝑝16, 𝑝23, 𝑝27}
𝐼𝐷12 ←→ {𝑝1, 𝑝3, 𝑝8, 𝑝9, 𝑝12}
∙ Define congruences equations for the set 𝐴, 𝐵, 𝐶 and 𝐷 as follows
𝑥 ≡ 𝑏1 (𝑚𝑜𝑑 𝑚1) where 𝑏1 ∈ {𝑐11, 𝑐12, . . . , 𝑐1𝑘} and 𝑚1 ∈
(5
2
)
𝑥 ≡ 𝑏2 (𝑚𝑜𝑑 𝑚2) where 𝑏2 ∈ {𝑐71, 𝑐72, . . . , 𝑐7𝑘} and 𝑚1 ∈
(5
2
)
𝑥 ≡ 𝑏3 (𝑚𝑜𝑑 𝑚3) 𝑏3 ∈ {𝑐121, 𝑐122, . . . , 𝑐12𝑘} and 𝑚1 ∈
(5
2
)
𝑥 has a unique solution 𝑚𝑜𝑑( 𝑚1𝑚2𝑚3)
Thus 𝑥 is the common secret shared by the group 𝐴
19. 19
𝐼𝐷11
𝐼𝐷10
𝐼𝐷12
𝐼𝐷9
𝐼𝐷8
𝐼𝐷7
𝐼𝐷6
𝐼𝐷5
𝐼𝐷4
𝐼𝐷3 𝐼𝐷2
𝐼𝐷1
1
23
4
5
6
7
8
9
10
11
12
13
14
1516
17
18
19
20
22
21
23
24
25
26
27
28
29
30
3 Conclusion
This paper dealt with two fundamental cryptographic tools that are useful in
such contexts: generalized secret sharing scheme and key distribution schemes.
Both secret sharing schemes and key distribution schemes are used in multi-
party systems. secret sharing schemes enables some predetermined sets of parties
to reconstruct a given secret. These schemes make it possible to store secret
information in a network, such that only good subsets can reconstruct the
information. Furthermore, by using these schemes we can allow only better
subsets to perform action in a system.
References
[1] R. Alleaume, N. Lutkenhaus, R. Renner, P. Grangier, T. Debuisschert, G.
Ribordy, N. Gisin, P. Painchault, T. Pornin, L. Slavail, M. Riguidel, A.
Shilds, T. Langer, M. Peev, M. Dianati, A. Leverrier, A. Poppe, J. Bouda,
C. Branciard, M. Godfrey, J. Rarity, H. Weinfurter, A. Zeilinger, and C.
20. 20
Monyk. Quantum key distribution and cryptography: a survey. In S. L.
Braunstein, H.-K. Lo, K. Paterson, and P. Ryan, editors, Classical and
Quantum Information Assurance Foundations and Practice, number 09311 in
Dagstuhl Seminar Proceedings, Dagstuhl, Germany, 2010. Schloss Dagstuhl
- Leibniz-Zentrum fuer Informatik, Germany.
[2] A. Beimel. Secret-sharing schemes: a survey. In Proceedings of the Third
international conference on Coding and cryptology, IWCC’11, pages 1146,
Berlin, Heidelberg, 2011. Springer-Verlag
[3] N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden. Quantum cryptography.
Rev. Mod. Phys, 74:145195, 2002.
[4] U. Maurer. Information-theoretic cryptography. In M. Wiener, editor,
Advances in Cryptology — CRYPTO ’99, volume 1666 of Lecture Notes
in Computer Science, pages 4764. Springer-Verlag, Aug. 1999.
[5] S. Wolf. Unconditional security in cryptography. In I. Damgard, editor,
Lectures on Data Security, volume 1561 of Lecture Notes in Computer
Science, pages 217250. Springer Berlin / Heidelberg, 1999.
[6] Blakley, G. R. (1979). Safeguarding cryptographic keys. Proceedings of the
National Computer Conference 48: 313317.
[7] Shamir, Adi (1979). How to share a secret. Communications of the ACM 22
(11): 612613.
[8] Knuth, Donald (1997). Seminumerical Algorithms. The Art of Computer
Programming. 2 (3 ed.). Addison-Wesley. p. 505.