Research And Application On Multi-Policy Threshold Secret Sharing

Secret sharing is an important branch of morden cryptography and main research of network information security. The idea of secret sharing is primely proposed to resolve the problem of authority abuse. After that, a lot of cryptographic researchers intrest in secret sharing and apply on key management, digital signature, network trust management and so on. Reaearch on secret sharing not only has great theoretical significance, but also has comprehensive practical value. With the computer network rapid development, conventional secret sharing has been unable to meet network information security safety requirement, such as multi-secret threshold sharing scheme can not distinguish the security grade of shared secrets. In order to deal with the problem, multi-policy secret sharing scheme is proposed. In the multi-policy secret sharing scheme, diffirent shared secrets correspond diffirent threshold value according the security grade of the shared secrets. The higher of the secret security level, the value is more and need more participants to cooperate when constructing it. However, present multi-policy secret sharing schemes are primary, can not solve a lot of practical problems such as verifiability between secret sender and participants, participant group changes, participants'secret share reuseable and dynamicly add new shared secrets.This dissertation analyses the research background and development status of secret sharing scheme and points out the problems of present multi-policy secret sharing scheme. On that basis, design multi-policy secret sharing which can solve practical problems. After that, dicuss the application of multi-policy secret sharing idea to digital signature and design a disguished document safety grade multi-policy threshold signature. Moreover, analysis the forward-secure threshold signature, point out the problems of the present schemes and design bilateral secure threshold signature schemes. The main contributions of this dissertation are as follows:1. Analysis the security of Jun et al. noninteractive verifiable threshold secret sharing scheme and give the method to attack their scheme. Although only public a parameter to realize the verifiability between the secret sender and participants in their scheme, fewer calculated amount than the present verifiable threshold secret sharing scheme, theire scheme is insecure and can not withstand the forge attack. In their scheme, dishonest secret sender can forge false share to participants in the secret sending stage and dishonest participants can forge false share to secret constructor.2. In order to solve the secure and efficient problems of the present multi-policy threshold secret sharing scheme, propose three multi-policy secret sharing schemes. At first, present a verifiable multi-policy threshold secret sharing scheme to solve the deceive between secret sender and participants or among the participants; secondly, present a dynamic verifiable multi-policy secret sharing scheme at that basis, ont only solve the problem of verifiability,but also solve the participant set change and add new shared secrets and so on. In this scheme, a threshold value can share a few secrets which the present multi-policy secret sharing scheme can not; at last, for the sake of reducing the communications of the above schemes, propose a multi-policy threshold secret sharing scheme without secure channel.3. Apply the multi-policy threshold secret sharing idea to the digital signature and present a group verifiable multi-policy threshold signature. In this scheme, the signing and authentication of threshold signature are between groups. Not only sharing the power of signing, but also sharing the power of authentication. Signing group can decide the threshold value according to the document secure grade and authentication group can also decide the threshold value according to the document secure grade. The role of the signing group and authentication group can change, the authentication group can sign document sending to signing group for authenticating. In order to improve the efficient and reduce the communications of the scheme, propose a group verifiable multi-policy threshold signature with distinguished authority. In this scheme, the group participant only signs a part of the whole document, so the scheme is more efficient and less communication.4. Analysis the present forward-secure threshold signature and point out their secure problem of the group signing secret and the shared secrets of the participants. Then proposed a bilateral secure threshold signature scheme. In this scheme, the group secret and the shared secrets not only have the forward-security, but also have the backward-security. The group secret or participants' shared secrets of the present time period are revealed, the group secret or participants' shared secrets the previous or later time period are also safe. At that basis, propose a bilateral secure threshold signature scheme with distinguished authority to improve the efficient.