Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content

Optimal assignment schemes for general access structures based on linear programming

  • Published:
Designs, Codes and Cryptography Aims and scope Submit manuscript

Abstract

The paper proposes a type of secret sharing schemes called ramp assignment schemes (RAS’s) to realize general access structures (AS’s). In such a scheme, each participant is assigned a subset of primitive shares of an optimal \((k,L,m)\)-ramp scheme in such a way that the number of primitive shares assigned to each qualified subset is not less than \(k\) whereas the one corresponding to any forbidden subset is not greater than \(k-L\). RAS’s can be viewed as a generalization of multiple assignment schemes (MAS’s). For a same AS, the minimum information rate achieved by MAS’s can not be less than that achieved by RAS’s. With our method, one can find efficient suitable decompositions for general AS’s. And it provides a possibility to refine an existing \((\lambda ,\omega )\)-decomposition. We show that a RAS with minimal worst or/and average information rate can be obtained by linear programming (LP), which is in the complexity class P and much easier than the NP-hard integer programming (IP) applied to constructing optimal MAS’s. Several well-designed algorithms are further presented to cut down the size of the LP/IP problems for optimal RAS’s/MAS’s. Other contributions of the paper include: (1) the current best upper bounds of information rates of two graph AS’s on six participants are improved; (2) some specific AS’s are recognized so that one can obtain the corresponding optimal RAS’s directly, i.e., even without the need of solving LP problems; and (3) we characterize the AS’s of ideal RAS’s and of ideal MAS’s.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Similar content being viewed by others

Notes

  1. For the convenience of linear processing, we inverse the original ratios throughout this paper. And as a result, a SSS with a smaller (worst/average) information rate is more efficient than that with a larger one.

  2. We should notice that, when we say a RAS is optimal for \(\mathcal{A }\), it means that it is the most efficient scheme among all RAS’s (instead of all SSS’s) realizing \(\mathcal{A }\). Similarly, an optimal MAS for \(\mathcal{A }\) is the most efficient scheme among all MAS’s (instead of all RAS’s) realizing \(\mathcal{A }\).

References

  1. Shamir A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979).

    Google Scholar 

  2. Blakley G.R.: Safeguarding cryptographic keys. In: AFIPS 1979. National Computer Conference, New York, vol. 48, pp. 137–313 (1979).

  3. Brickell E.F., Stinson D.R.: Some improved bounds on the information rate of perfect secret sharing schemes. J. Cryptol. 5(3), 153–166 (1992).

    Google Scholar 

  4. Blundo C.: Secret sharing schemes for access structures based on graphs (in Italian). Tesi di Laurea (1991).

  5. Martin K.M.: Discrete structures in the theory of secret sharing. Ph.D. thesis, Royal Holloway and Bedford New College, University of London, London (1991).

  6. Martin K.M.: New secret sharing schemes from old. J. Comb. Math. Comb. Comput. 14, 65–77 (1993).

    Google Scholar 

  7. Karnin E.D., Greene J.W., Hellman M.E.: On secret sharing systems. IEEE Trans. Inf. Theory 29, 35–41 (1983).

    Google Scholar 

  8. Capocelli R.M., Santis A.D., Gargano L., Vaccaro U.: On the size of shares for secret sharing schemes. J. Cryptol. 6(3), 157–167 (1993).

    Google Scholar 

  9. Csirmaz L.: The size of a share must be large. J. Cryptol. 10, 223–231 (1997).

    Google Scholar 

  10. Brickell E.F.: Some ideal secret sharing schemes. In: EUROCRYPT ’89, Houthalen, vol. 434, pp. 468–475 (1990).

  11. Blakley G.R., Meadows C.: Security of ramp schemes. In: CRYPTO’84, Santa Barbara, vol. 196, pp. 242–268 (1985).

  12. Yamamoto Y.: On secret sharing systems using \((k, L, n)\)-threshold scheme (in Japanese). Trans. IEICE J68-A(9), 945–952 (1985).

  13. Ito M., Saito A., Nishizeki T.: Secret sharing scheme realizing any access structure. In: IEEE Globecom 1987, Tokyo, pp. 99–102 (1987).

  14. Benaloh J., Leichter J.: Generalized secret sharing and monotone functions. In: CRYPTO’88, Santa Barbara, No. 403, pp. 25–35 (1988).

  15. Stinson D.R.: An explication of secret sharing schemes. Des. Codes Cryptogr. 2, 357–390 (1992).

    Google Scholar 

  16. Stinson D.R.: New general lower bounds on the information rate of secret sharing schemes. In: CRYPTO’92, Santa Barbara, No. 740, pp. 168–182 (1993).

  17. Stinson D.R.: Decomposition constructions for secret-sharing schemes. IEEE Trans. Inf. Theory 40, 118–125 (1994).

    Google Scholar 

  18. Blundo C., Santis A.D., Stinson D.R., Vaccaro U.: Graph decompositions and secret sharing schemes. J. Cryptol. 8, 39–64 (1995).

    Google Scholar 

  19. Blundo C., Santis A.D., Gaggia A.G., Vaccaro U.: New bounds on the information rate of secret sharing schemes. IEEE Trans. Inf. Theory 41(2), 549–554 (1995).

    Google Scholar 

  20. Dijk M.V.: On the information rate of perfect secret sharing schemes. Des. Codes Cryptogr. 6, 143–169 (1995).

    Google Scholar 

  21. Jackson W.A., Martin K.M.: Perfect secret sharing schemes on five participants. Des. Codes Cryptogr. 9, 267–286 (1996).

    Google Scholar 

  22. Dijk M.V., Jackson W.A., Martin K.M.: A general decomposition construction for incomplete secret sharing schemes. Des. Codes Cryptogr. 15, 301–321 (1998).

    Google Scholar 

  23. Li Q., Yan H., Chen K.F.: A new method of using \((k, n)\)-threshold scheme to realize any access structure (in Chinese). J. Shanghai Jiaotong Univ. 38(1), 103–106 (2004).

  24. Iwamoto M., Yamamoto H., Ogawa H.: Optimal multiple assignments based on integer programming in secret sharing schemes. In: ISIT 2004, Chicago, pp. 16–16 (2004).

  25. Dijk M.V., Kevenaar T., Schrijen G., Tuyls P.: Improved constructions of secret sharing schemes by applying \((\lambda ,\omega )\)-decompositions. Inf. Process. Lett. 99(4), 154–157 (2006).

  26. Iwamoto M., Yamamoto H., Ogawa H.: Optimal multiple assignments based on integer programming in secret sharing schemes with general access structure. Trans. IEICE E90-A(1), 101–112 (2007).

    Google Scholar 

  27. Chvátal V.: Linearing Programming. W.H. Freeman, New York (1983).

  28. Karmarkar N.: A new polynomial-time algorithm for linear programming. Combinatorica 4(4), 373–395 (1984).

    Google Scholar 

  29. Garey M.R., Johnson D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W.H. Freeman, New York (1990).

  30. Brickell E.F., Davenport D.M.: On the classification of ideal secret sharing schemes. J. Cryptol. 4(73), 123–134 (1991).

    Google Scholar 

  31. Blundo C., De Santis A., Vaccaro U.: Efficient sharing of many secrets. In: STACS’93, Würzburg, vol. 665, pp. 692–703 (1993).

  32. Kurosawa K., Okada K., Sakano K., Ogata W., Tsujii T.: Nonperfect secret sharing schemes and matroids. In: EUROCRYPT’93, Lofthus, pp. 126–141 (1993).

  33. Simmons G.J., Jackson W.A., Martin K.M.: The geometry of shared secret schemes. Bull. Inst. Comb. Appl. 1, 71–88 (1991).

    Google Scholar 

  34. Li Q., Li X.X., Zheng D., Chen K.F.: Optimal multiple assignments with \((m, m)\)-schemes for general access structures. Cryptology ePrint Archive, Report 2012/007, http://eprint.iacr.org/2012/007.pdf.

  35. Cormen T.H., Leiserson C.E., Rivest R.L., Stein C.: Introduction to Algorithms, 3rd edn. MIT Press, Cambridge (2009).

  36. Ye Y.: Interior Point Algorithms, Theory and Analysis. Wiley, New York (1997).

  37. Jackson W.A., Martin K.M.: A combinatorial interpretation of ramp schemes. Australas. J. Comb. 14, 51–60 (1996).

    Google Scholar 

  38. Beimel A., Chor B.: Universally ideal secret sharing schemes. IEEE Trans. Inf. Theory 40(3), 786–794 (1994).

    Google Scholar 

  39. Beimel A., Tassa T., Weinreb E.: Characterizing ideal weighted threshold secret sharing. In: TCC’05, Cambridge, vol. 3378, pp. 600–619 (2005).

  40. Beimel A., Livne N., Padró C.: Matroids can be far from ideal secret sharing. In: TCC’08, New York, vol. 4948, pp. 194–212 (2008).

Download references

Acknowledgments

The authors appreciate the supports from the National Natural Science Foundation of China under Grant Nos. 61272037, 61070249, 60970111, 61133014 and 60803146.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Qiang Li.

Additional information

Communicated by D. Jungnickel.

Appendices

Appendices

1.1 Appendix 1: Proof of Lemma 2

Proof

If \(T\subseteq P-P(S), |\mathcal P (T)|=k-L\), then \(T\in \mathcal{F }, S\cup T\in \mathcal{Q }\), from (4) and (5),

$$\begin{aligned} \begin{array}{ll} 1 =\kappa -(\kappa -1) &{}\le \sum \nolimits _{w(j,S\cup T)\ge 1,j\in J}y_{j}-\sum \nolimits _{w(j,T)\ge 1,j\in J}y_{j} \\ &{}= \sum \nolimits _{w(j,S)\ge 1,j\in J}y_{j}-\sum \nolimits _{w(j,S)\ge 1,w(j,T)\ge 1,j\in J}y_{j} \\ &{}\le \sum \nolimits _{w(j,S)\ge 1,j\in J}w(j,S)y_{j}=\sum \nolimits _{p\in S}\rho _{\varPi }(p)\\ \end{array} \end{aligned}$$
(12)

Suppose \(\sum \nolimits _{p\in S}\rho _{\varPi }(p)=1\), then (12) says that \(w(j,S)\ge 1,w(j,T)\ge 1\Rightarrow y_{j}=0, w(j,S)\ge 2\Rightarrow y_{j}=0\) and \(\sum \nolimits _{w(j,T)\ge 1,j\in J}y_{j}=\kappa -1\). If \(k>L\) then \(T\ne \emptyset \). Since \(T\) is an arbitrary choice, we have \(w(j,S)\ge 1,w(j,P-P(S))\ge 1\Rightarrow y_{j}=0\), and it holds from (3) that \((\bigcup \nolimits _{p\in S}\psi (p))\cap (\bigcup \nolimits _{p\in P-P(S)}\psi (p))=\emptyset \). Moreover, since \(w(j,S)\ge 2\Rightarrow y_{j}=0\), we have \(\psi (p_S)\cap (\bigcup \nolimits _{p\in S-\{p_S\}}\psi (p))=\emptyset \). And thus \(\psi (p_{S})\cap (\bigcup \nolimits _{p\in (P-P(S))\cup (S-\{p_{S}\})}\psi (p))=\emptyset \). Now suppose \(q_{S}\in P-P(S)\), then there exists \(T\subseteq P-P(S), |\mathcal P (T)|=k-L\) such that \(q_{S}\in T, q_{S}\notin P(T-\{q_{S}\})\), thus \(\{p_{S}\}\cup (T-\{q_{S}\})\in \mathcal{F }\), now from (4), (5) and what we have proved,

$$\begin{aligned} \begin{array}{l} \sum \nolimits _{w(j,\{q_{S}\})\ge 1,j\in J}y_{j}+\sum \nolimits _{w(j,T-\{q_{S}\})\ge 1,j\in J}y_{j}-\sum \nolimits _{w(j,\{q_{S}\})\ge 1,w(j,T-\{q_{S}\})\ge 1,j\in J}y_{j}\\ \quad =\sum \nolimits _{w(j,T)\ge 1,j\in J}y_{j}=\kappa -1 \ge \sum \nolimits _{w(j,\{p_{S}\}\cup (T-\{q_{S}\}))\ge 1,j\in J}y_{j} \\ \quad =\sum \nolimits _{w(j,\{p_{S}\})\ge 1,j\in J}y_{j}+\sum \nolimits _{w(j,T-\{q_{S}\})\ge 1,j\in J}y_{j} \\ \end{array} \end{aligned}$$

which implies that \(\rho _{\varPi }(q_{S})\ge \rho _{\varPi }(p_{S})\). \(\square \)

1.2 Appendix 2: An example of pathological scheme

Let \(\varPi '\) be a RAS corresponding to (13)

$$\begin{aligned} \kappa =(k-1)/L'; \forall j\in J: y_{j}= \left\{ \begin{array}{ll} 1/L', &{} P_{j}\in \mathcal P -\{S_{r}\}\\ 0, &{} P_{j}\notin \mathcal P -\{S_{r}\}\\ \end{array}\right. \end{aligned}$$
(13)

then we have the following:

$$\begin{aligned} \left\{ \begin{array}{l} \bar{\rho }_{\varPi '}=(\sum \nolimits _{l=1}^{r-1}n_{l})/(L'\sum \nolimits _{l=1}^{r}n_{l})<(\sum \nolimits _{l=1}^{r-1}n_{l})/(L'\sum \nolimits _{l=1}^{r-1}n_{l}+(L-L')\sum \nolimits _{l=1}^{r-1}n_{l})=1/L\\ \forall Q\subseteq P, |\mathcal P (Q)|\ge k: \sum \nolimits _{w(j,Q)\ge 1,j\in J}y_{j}\ge (k-1)/L'=\kappa \\ \forall F\subseteq P, |\mathcal P (F)|\le k-L: \sum \nolimits _{w(j,F)\ge 1,j\in J}y_{j}\le (k-L)/L'=\kappa -(L-1)/L'\le \kappa -1\\ \end{array}\right. \end{aligned}$$

thus from Lemma 1, \(\varPi '\) is a RAS realizing \(\mathrm{AS}(k,L,n_{1},\ldots ,n_{r})\) with \(\bar{\rho }_{\varPi '} < 1/L\).

1.3 Appendix 3: Proof of Lemma 3

Proof

Suppose \(Q\in \mathcal{Q }^{-}\) and \(\{p_{i_{1}},p_{i_{2}}\}\subseteq Q\). As \(\varPi \) is perfect, \(Q-\{p_{i_{1}}\}\) must be a forbidden subset, thus \(|\bigcup \nolimits _{p\in Q-\{p_{i_{1}}\}}\psi (p)|\le k-L, |\bigcup \nolimits _{p\in Q}\psi (p)|=|\bigcup \nolimits _{p\in Q-\{p_{i_{1}}\}}\psi (p)|+|\psi (p_{i_{1}})|-|\psi (p_{i_{1}})\cap (\bigcup \nolimits _{p\in Q-\{p_{i_{1}}\}}\psi (p))|\ge k\), which implies that \(|\psi (p_{i_{1}})|\ge L+(|\bigcup \nolimits _{p\in Q}\psi (p)|-k)+|\psi (p_{i_{1}})\cap (\bigcup \nolimits _{p\in Q-\{p_{i_{1}}\}}\psi (p))|\). On the other hand, \(|\psi (p_{i_{1}})|\le L\) holds as \(\varPi \) is ideal. Then we have \(|\psi (p_{i_{1}})|=L, |\bigcup \nolimits _{p\in Q}\psi (p)|=k\) and \(\psi (p_{i_{1}})\cap \psi (p_{i_{2}})=\emptyset \).

Now consider the case \(\forall Q\in \mathcal{Q }^{-}, \{p_{i_{1}},p_{i_{2}}\}\nsubseteq Q\). Let \(Q\in \mathcal{Q }^{-}\) be a qualified subset containing \(p_{i_{2}}\) and \(p_{i_{3}}\in Q-\{p_{i_{2}}\}\). Set \(M=|\bigcup \nolimits _{p\in \{p_{i_{1}}\}\cup (Q-\{p_{i_{3}}\})}\psi (p)|\), then \(k-L\le M\le k\), and \(M\in \{k-L,k\}\) as \(\varPi \) is perfect. If \(M=k\), then \(\{p_{i_{1}}\}\cup (Q-\{p_{i_{3}}\})\in \mathcal{Q }^{-}\) which contradicts that \(\{p_{i_{1}},p_{i_{2}}\}\subseteq \{p_{i_{1}}\}\cup (Q-\{p_{i_{3}}\})\). Thus \(M=k-L\). And \(M\ge k-L+|\psi (p_{i_{1}})\cap \psi (p_{i_{3}})|\) implies that \(\psi (p_{i_{1}})\cap \psi (p_{i_{3}})=\emptyset \). As \(p_{i_{3}}\) is an arbitrary choice in \(Q-\{p_{i_{2}}\}\), we have \(\psi (p_{i_{1}})\cap (\bigcup \nolimits _{p\in Q-\{p_{i_{3}}\}}\psi (p))=\psi (p_{i_{1}})\cap \psi (p_{i_2})\), i.e., \(\psi (p_{i_{1}})-(\bigcup \nolimits _{p\in Q-\{p_{i_{3}}\}}\psi (p))=\psi (p_{i_{1}})-\psi (p_{i_{2}})\). Now \(M=k-L+|\psi (p_{i_{1}})-(\bigcup \nolimits _{p\in Q-\{p_{i_{3}}\}}\psi (p))|=k-L\) implies that \(\psi (p_{i_{1}})-\psi (p_{i_{2}})=\emptyset \), i.e., \(\psi (p_{i_{1}})\subseteq \psi (p_{i_{2}})\). As \(|\psi (p_{i_{1}})|=L=|\psi (p_{i_{2}})|\), we have \(\psi (p_{i_{1}})=\psi (p_{i_{2}})\). \(\square \)

Rights and permissions

Reprints and permissions

About this article

Cite this article

Li, Q., Li, X.X., Lai, X.J. et al. Optimal assignment schemes for general access structures based on linear programming. Des. Codes Cryptogr. 74, 623–644 (2015). https://doi.org/10.1007/s10623-013-9879-3

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10623-013-9879-3

Keywords

Mathematics Subject Classification