Distributed proactive password-based secret sharing
First Claim
1. A method, comprising:
- obtaining a difference between an updated value of a share and a prior value of said share for at least one fixed-share party, wherein said updated value comprises a fixed share that is one of a plurality of shares of a secret, wherein said plurality of shares are held by a plurality of parties;
substantially randomly selecting, by said at least one fixed-share party, a first correction polynomial employed by a polynomial-based secret sharing scheme such that at least one polynomial coefficient corresponding to said at least one fixed-share party is a value that depends on the difference, wherein at least one non-fixed-share party substantially randomly selects a second correction polynomial such that at least one corresponding polynomial coefficient corresponding to said at least one non-fixed-share party is approximately zero;
obtaining said at least one corresponding polynomial coefficient of said second correction polynomial from said at least one non-fixed-share party; and
updating said fixed share by combining said prior value of said share with said at least one corresponding polynomial coefficient of said first correction polynomial and said at least one corresponding polynomial coefficient of said second correction polynomial.
17 Assignments
0 Petitions
Accused Products
Abstract
Distributed proactive threshold password-based secret sharing schemes are provided. An exemplary method comprises obtaining a difference between updated and prior values of a share for at least one fixed-share party. The updated value comprises a fixed share that is one of a plurality of shares of a secret held by a plurality of parties. A fixed-share party randomly selects a first correction polynomial employed by a polynomial-based secret sharing scheme such that at least one polynomial coefficient corresponding to the fixed-share party is a value that depends on the difference. A non-fixed-share party randomly selects a second correction polynomial such that at least one corresponding polynomial coefficient corresponding to the non-fixed-share party is approximately zero. A polynomial coefficient of the second correction polynomial is obtained from the non-fixed-share party and the fixed share is updated by combining the prior value of the share with the at least one corresponding polynomial coefficient of the first correction polynomial and the polynomial coefficient of the second correction polynomial.
14 Citations
20 Claims
-
1. A method, comprising:
-
obtaining a difference between an updated value of a share and a prior value of said share for at least one fixed-share party, wherein said updated value comprises a fixed share that is one of a plurality of shares of a secret, wherein said plurality of shares are held by a plurality of parties; substantially randomly selecting, by said at least one fixed-share party, a first correction polynomial employed by a polynomial-based secret sharing scheme such that at least one polynomial coefficient corresponding to said at least one fixed-share party is a value that depends on the difference, wherein at least one non-fixed-share party substantially randomly selects a second correction polynomial such that at least one corresponding polynomial coefficient corresponding to said at least one non-fixed-share party is approximately zero; obtaining said at least one corresponding polynomial coefficient of said second correction polynomial from said at least one non-fixed-share party; and updating said fixed share by combining said prior value of said share with said at least one corresponding polynomial coefficient of said first correction polynomial and said at least one corresponding polynomial coefficient of said second correction polynomial. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory machine-readable recordable storage medium, wherein one or more software programs when executed by one or more processing devices implement the following steps:
-
obtaining a difference between an updated value of a share and a prior value of said sham for at least one fixed-share party, wherein said updated value comprises a fixed share that is one of a plurality of shares of a secret, wherein said plurality of shares are held by a plurality of parties; substantially randomly selecting, by said at least one fixed-share party, a first correction polynomial employed by a polynomial-based secret sharing scheme such that at least one polynomial coefficient corresponding to said at least one fixed-share party is a value that depends on the difference, wherein at least one non-fixed-share party substantially randomly selects a second correction polynomial such that at least one corresponding polynomial coefficient corresponding to said at least one non-fixed-share party'"'"' is approximately zero; obtaining said at least one corresponding polynomial coefficient of said second correction polynomial from said at least one non-fixed-share party; and updating said fixed share by combining said prior value of said share with said at least one corresponding polynomial coefficient of said first correction polynomial and said at least one corresponding polynomial coefficient of said second correction polynomial.
-
-
16. An apparatus, comprising:
-
a memory, and at least one hardware device, coupled to the memory, operative to implement the following steps; obtaining a difference between an updated value of a share and a prior value of said share for at least one fixed-share party, wherein said updated value comprises a fixed share that is one of a plurality of shares of a secret, wherein said plurality of shares are held by a plurality of parties; substantially randomly selecting, by said at least one fixed-share party, a first correction polynomial employed by a polynomial-based secret sharing scheme such that at least one polynomial coefficient corresponding to said at least one fixed-share party is a value that depends on the difference, wherein at least one non-fixed-share party substantially randomly selects a second correction polynomial such that at least one corresponding polynomial coefficient corresponding to said at least one non-fixed-share party is approximately zero; obtaining said at least one corresponding polynomial coefficient of said second correction polynomial from said at least one non-fixed-share party; and updating said fixed share by combining said prior value of said share with said at least one corresponding polynomial coefficient of said first correction polynomial and said at least one corresponding polynomial coefficient of said second correction polynomial. - View Dependent Claims (17, 18, 19, 20)
-
Specification