122017-03-31 , 法政大学大学院情報科学研究科
Password-Protected Secret Sharing (PPSS) presented by Bagherzandi et al. is proposed in order to resolve drawbackof secret sharing which is unauthorized users can access storages storing partial information can reconstruct a secret. PPSS is a secret sharing that ensures only theowner of the secret who knows correct password to obtainthe original secret by applying password authentication to partial information. But, their model requires secure channel between user and servers and independentsecret/public key pair at the distribution phase for each secret. When a secret is large, their scheme encrypts the secret with symmetric key encryption (SKE) and the symmetric key with CPA secure public key encryption (PKE).Because of such combination, it seems difficult to prove strong security (i.e., CCA security) of their scheme at leastin the standard model. In this paper, we propose a new PPSS model and scheme. Proposed model deals with multiplesecrets with using a single secret key/public key pair and does not require secure channel during the distributionphase. Proposed scheme does not use a simple combination of SKE and PKE but use Kurosawa-Desmedt hybrid encryption that is proven to be CCA secure in the standardmodel, and is constructed by combining public key encryption part of this hybrid encryption with password authentication.The scheme is expected to be more secure than that of Bagherzandi et al.