IET Information Security
Research Article
Outsourcing secret sharing scheme based on
homomorphism encryption
ISSN 1751-8709
Received on 20th February 2017
Revised 2nd August 2017
Accepted on 13th September 2017
doi: 10.1049/iet-ifs.2017.0026
www.ietdl.org
En Zhang
1,2
, Jie Peng
1
, Ming Li
1
1
College of Computer and Information Engineering, Henan Normal University, Xinxiang 453007, People's Republic of China
2
Engineering Lab of Intelligence Business & Internet of Things of Henan Province, Xinxiang 453007, People's Republic of China
E-mail: zhangenzdrj@163.com
Abstract: Secret sharing is an important component of cryptography protocols and has a wide range of practical applications.
However, the existing secret sharing schemes cannot apply to computationally weak devices and cannot efficiently guarantee
fairness. In this study, a novel outsourcing secret sharing scheme is proposed. In the setting of outsourcing secret sharing,
clients only need a small amount of decryption and verification operations, while the expensive reconstruction computation and
verifiable computation can be outsourced to cloud service providers (CSP). The scheme does not require complex interactive
argument or zero-knowledge proof. The malicious behaviour of clients and CSP can be detected in time. Moreover, the CSP
cannot get any useful information about the secret, and it is fair for every client to obtain the secret. At the end of this study, the
authors prove the security of the proposed scheme and compare it with other secret sharing schemes.
1 Introduction
Secret sharing is an important cornerstone in modern cryptography
which has a wide range of applications, such as access control,
secure data storage, electronic auctions with private bids and so on.
In 1979, Shamir [1] and Blakley [2], respectively, proposed the (t,
n) threshold secret sharing schemes. In their schemes, a secret S is
divided into n pieces called shares, which are then distributed
among participants by the dealer. Only t or more participants can
reconstruct the secret, and any t − 1 participants cannot get any
useful information about the secret. Unfortunately, the schemes
cannot prevent the dealer and participants from cheating, and only
one secret is able to be shared at one time. In order to solve the
problem of cheating from participants and dealer, the concept of
verifiable secret sharing (VSS) was proposed by Chor et al. [3]. In
the scheme, participants can verify the consistency of shares.
Feldman [4] and Pedersen [5], respectively, proposed a non-
interactive VSS scheme. Later, in order to make multiple secrets be
shared at one time, a series of works [6–11] have been carried out
on multi-secret sharing scheme. In these schemes, multiple secrets
are able to be recovered at the same time, without changing the
shares of every participant. In the phase of secret reconstruction,
each authorised participant only needs to provide pseudo-shares.
Recently, Cramer and Damgard [12] proposed a linear secret
sharing scheme based on linear error correcting codes and linear
universal hash functions. With the application of randomised
component which binds share of every participant with all
participants’ public information, Miao et al. [13] proposed a (t, m,
n)-group oriented secret sharing scheme. Mohammad et al. [14]
proposed a dynamic and verifiable multi-secret sharing scheme
based on hermite interpolation and bilinear maps.
In the classical secret sharing scheme, every participant is either
honest or malicious. The honest participants are willing to
cooperate in the reconstruction phase. However, the malicious
participants may deviate from protocols. In 2004, combining
traditional cryptography with game theory, Halpern and Teague
[15] first proposed rational secret sharing and secure multi-party
computation (SMC). They showed that the protocols must be
multiple rounds, and the participants did not know the real secret
reconstruction round. In the scheme, participants are neither honest
nor malicious, but being rational. Subsequently, Maleka et al. [16]
proposed a rational secret sharing scheme based on repeated
games. Tian et al. [17] proposed a game-theoretic analysis for the
secret sharing scheme. Zhang and Liu [18] leveraged imperfect
information of the extensive game theory to design a rational secret
sharing scheme. Tian et al. [19] proposed a secret sharing scheme
based on Bayesian game. Zhang and Cai [20] proposed a rational
multi-secret sharing scheme under point-to-point communication
networks.
However, all the above schemes, both classic and rational secret
sharing, are not fully satisfied. On the one hand, the schemes suffer
from computational efficiency problem in reconstruction and
verification phases. Therefore, the schemes cannot apply to devices
with weak capacity of computation, such as, smart phone, tablet
PC, PDA and so on. On the other hand, the schemes cannot
efficiently achieve fairness, which guarantees that if one participant
learns the secret, the other participants do too. In traditional secret
sharing schemes, participants have no incentive to broadcast their
shares. In contrast, the rational secret sharing schemes require
running multi-round to guarantee fairness, which are rather
inefficient, especially for computationally weak devices. Recently,
smart phones are becoming popular in our daily life and more and
more people use them to store private data and pay bills. In
addition, with the rapid development of cloud computing, cloud is
not only beneficial to data storage but also to computation.
Specifically, the large number of complex computations of clients
can be outsourced to cloud service provider (CSP), so clients with
weak computing ability can enjoy unlimited computing resources.
In the recent years, many concerns have been raised regarding
security issues of the cloud computing. The authors in [21–23]
introduced the full homomorphic encryption, but the proposed
schemes usually assume a single public/private key pair. Lopez et
al. [24] introduced the concept of on-the-fly SMC under multiple
keys. However, its efficiency is far from practical, and it also needs
to run interactions among participants during the decryption phase.
Peter et al. [25] proposed an efficient outsourcing multiparty
computation scheme under multiple keys. Combining property
encryption and proxy oblivious transfer, Gordon et al. [26]
proposed a multi-client verifiable outsourcing computation with
strong security assurance. Later, Chenyutao et al. [27] proposed
cross-group secret sharing for secure cloud storage service. Atsushi
et al. [28] proposed performance evaluation on data management
approach for multiple clouds based on secret sharing. Zhang et al.
[29] proposed server-aided private set intersection based on
reputation. Unfortunately, all the existing schemes are still far from
practical for secret sharing scheme.
Nowadays, due to the rapid development of cloud computing
and the proliferation of mobile devices, outsourcing data storage
IET Inf. Secur.
© The Institution of Engineering and Technology 2017
1