Abstract

A publicly verifiable secret sharing (PVSS) scheme based on the m-multilinear Diffie-Hellman hard assumption was proposed by Q. Peng et al., where the public values published by a dealer are verifiable before reconstructing a secret. In addition, the scheme has the advantages that the shares’ cheating/modification by some dishonest participants and dealer’s malicious behavior in shares’ generation and/or distribution can be detected. In this work, we cryptanalyze the scheme and find that a well-known attack called man-in-the-middle (MITM) is possible if the users’ secret shares are modified because they remain undetected and, as a result, a modified common secret is reconstructed by a group of any 1 < t ≤ n participants. We address this issue and propose some modifications of the PVSS scheme with $\left(m+1\right)$ multilinear operations and two additional public values such that the MITM attack is infeasible and the scheme becomes secure. In addition, the proposed improvement is made adeptly without hampering performance, i.e., the computation cost has been marginally increased in our proposed improvement.

摘要

Q. Peng 等人提出了一种基于m -多线性 Diffie-Hellman 硬假设的公开可验证秘密共享 (PVSS) 方案，其中经销商发布的公共值在重构秘密之前是可验证的。此外，该方案的优点是可以检测到一些不诚实的参与者对股票的欺骗/修改和经销商在股票生成和/或分配中的恶意行为。在这项工作中，我们对该方案进行了密码分析，发现如果用户的秘密共享因未被发现而被修改，则可能会发生一种称为中间人(MITM)的著名攻击，因此，修改后的公共secret 由一组任意 1  < t ≤ n参与者。我们解决了这个问题并提出了 PVSS 方案的一些修改$\left(米+\mathrm{1个}\right)$多线性操作和两个额外的公共值使得 MITM 攻击不可行并且该方案变得安全。此外，在不影响性能的情况下巧妙地进行了提议的改进，即在我们提议的改进中计算成本略有增加。