Journal of Applied Mathematics and Physics
Vol.02 No.13(2014), Article ID:52519,5 pages
10.4236/jamp.2014.213140
A Multi-Secret Sharing Scheme with Many Keys Based on Hermite Interpolation
Tomoko Adachi1, Chie Okazaki2
1Department of Information Sciences, Toho University, Funabashi, Japan
2Kowa Electric Industry Co., Ltd., Kawasaki, Japan
Email: adachi@is.sci.toho-u.ac.jp
Copyright © 2014 by authors and Scientific Research Publishing Inc.
This work is licensed under the Creative Commons Attribution International License (CC BY).
http://creativecommons.org/licenses/by/4.0/
Received 10 November 2014; revised 1 December 2014; accepted 7 December 2014
ABSTRACT
A secret sharing scheme is one of cryptographies. A threshold scheme, which is introduced by Shamir in 1979, is very famous as a secret sharing scheme. We can consider that this scheme is based on Lagrange's interpolation formula. A secret sharing scheme has one key. On the other hand, a multi-secret sharing scheme has more than one keys; that is, a multi-secret sharing sche- me has 
keys. Dealers distribute shares of keys among 
participants. Gathering 
participants, keys can be reconstructed. In this paper, we give a scheme of a 
multi-secret sharing based on Hermite interpolation, in the case of
.
Keywords:
Secret Sharing Scheme, Multi Secret Sharing Scheme, Hermite Interpolation
1. Introduction
A secret sharing scheme is one of cryptographies. A secret sharing scheme was introduced by Shamir in 1979 [1] and Blakley in 1979 [2] independently. A secret sharing scheme has been studied by many scientists until today. Now, a secret sharing scheme has some important application to several areas of the information security.
The secret sharing scheme is a method to distribute shares of a secret value―we call it a key, too―
among a set of participants 
such a way that only the qualified subsets of 
are able to reconstruct the value of 
from their shares. In 1979, Shamir [1] introduced the secret sharing scheme which was based on Lagrange’s interpolation formula. This scheme is called Shamir’s threshold scheme. In 1987, Feldman [3] studied a verifiable scheme in distributing system. In 1992, Pedersen [4] applied a verifiable secret sharing scheme to Shamir’s threshold scheme.
A secret sharing scheme has one key
. On the other hand, a multi-secret sharing scheme has more than one keys; that is, a multi-secret sharing scheme has 
keys
. Dealers distribute shares of keys
among 
participants. Let a set of participants
. Gathering 
participants, keys can be reconstructed.
Various schemes are proposed about a multi-secret sharing scheme. In 1994, Jackson et al. [5] studied a multi-secret sharing scheme for a matroid. A multi-secret sharing scheme by utilizing a one-way function is studied by He and Dawson [6] in 1994, and by Harn [7] in 1995. A multi-secret sharing scheme by utilizing a two variables one-way function is studied by He and Dawson [8] in 1995. A multi-secret sharing scheme by utilizing a linear block code is studied by Chien et al. [9] in 2000, and by Pang and Wang [10] in 2005. A multi- secret sharing scheme based on Lagrange’s interpolation is studied by Yang et al. [11] in 2004, and by Pang and Wang [10] in 2005. Recently, Adachi [12] studies a secret sharing scheme with two keys based on Hermite interpolation.
In this paper, we give a scheme of a 
multi-secret sharing based on Hermite interpolation, in the case of
. Here, 
is the number of keys, 
is the number of participants, and 
is the number of gathering participants for secret reconstruction. In a 
multi-secret sharing, we need to consider separately the cases where 
is greater than
, equal to
, or less than
. In this paper, we give new scheme in the case of
. The goal of this paper is 1) to find system parameters, 2) to construct secret distribution, and 3) to complete secret reconstruction, for a multi-secret sharing, by utilizing Hermite interpolation.
2. Lagrange’s Interpolation and Hermite Interpolation
In this section, we describe two famous interpolation formula, that is, Lagrange’s interpolation and Hermite interpolation. In numerical analysis, Lagrange’s interpolation and Hermite interpolation is a method of interpolating data points as a polynomial function.
2.1. Lagrange’s Interpolation
Suppose that a function 
is defined on a closed interval
. Given 
data points
, (
,
for
), and values
, 
, 
, 
, 
, we want to find an 
dimensional polynomial 
such that 
satisfies
, 
, 
, 
,
. In other words, I want to get an approximation of
, for any variable 
except 
data points
, by calculating the value of an 
dimensional polynomial
.
Here, we can get an 
dimensional polynomial 
by the following equation.
where an 
dimensional polynomial 
satisfies
Let
, we can decide an unique 
dimensional polynomial
. This equation is called Lagrange’s interpolation formula.
2.2. Hermite Interpolation
Hermite interpolation is an extension of Lagrange’s interpolation. When using divided differences to calculate the Hermite polynomial of a function
.
Suppose that a function 
is defined on a closed interval
. Given 
data points
, (
,
for
), and values
, 
, 
, 
, 
, and their differential values
, 
, 
, 
, 
, we want to find a 
dimensional polynomial 
such that 
satisfies
, 
, 
, 
, 
, and
, 
, 
, 
,
. In other words, I want to get an approximation of
, for any variable 
except 
data points
, by calculating the value of a 
dimensional polynomial
.
Here, it is known that we can get an unique 
dimensional polynomial 
by the following equation.
where two 
dimensional polynomial
, 
satisfy
and
This is called Hermite interpolation.
3. A Multi-Secret Sharing Scheme Based on Lagrange’s Interpolation
In this section, we describe a multi-secret sharing scheme based on Lagrange’s interpolation, which is proposed by Yang et al. in 2004. We refer to [11] . We refer to the part of Yang’s scheme in [10] , too.
In Yang et al.’s scheme, for secret distribution, the secret are distributed in two separate cases, 
and
. In Yang et al.’s scheme, also, for secret reconstruction, the secret are reconstructed in two separate cases, 
and
. Since our scheme is treating in the case of
, we describe only the case 
for secret distribution and for secret reconstruction, in Yang et al.’s scheme.
1) System parameters. Let 
be a two-variable one way function. Let 
be a large prime and all the numbers are element in the finite field
. The trusted dealer randomly selects 
distinct integers, 
, as secret shadows of participants
.
Here, we use 
to denote 
keys (secret values).
2) Secret distribution. In the case of
, the secret dealer executes the following steps:
2a) Construct a 
-th degree polynomial 
, where 
are 
keys and 
are randomly chosen from
.
2b) Randomly choose an integer 
and compute 
for
.
2c) Publish 
in any authenticated manner such as those in digital signature scheme.
3) Secret reconstruction. In the case of
, at least 
participants pool their pseudo shadows
. For example, 
participants 
pool their pseudo shadows
. By Lagrange’s interpolation polynomial, with the knowledge of 
pairs of
, the 
-th degree polynomial 
can be uniquely determined. From the obtained polynomial
, we can easily get the 
keys
.
4. Our Scheme: A Multi-Secret Sharing Scheme Based on Hermite Interpolation
In this section, we describe our new scheme, that is, a multi-secret sharing scheme based on Hermite interpolation in the case
, where 
is the number of keys (secrets), and 
is the number of necessary participants who can reconstruct keys (secrets).
In the case of
, the following theorem is known.
Theorem 1. [12] Suppose that we have two keys (secrets), 
is the number of participants, and 
is the number of necessary participants who can reconstruct two keys (secrets). We can propose a scheme of a 
secret sharing scheme with two keys based on Hermite interpolation.
We expand this theorem. In our scheme, at first, we prepare system parameters which we need. Secondly, we describe secret distribution. Finally, we describe secret reconstruction.
1) System parameters. Let 
be a two-variable one way function. Let 
be a large prime and all the numbers are element in the finite field
. The trusted dealer randomly selects 
distinct integers, 
, as secret shadows of participants
. The trusted dealer randomly selects an integer
, calculates
, 
, 
,
.
Here, we use 
to denote 
keys (secret values).
2) Secret distribution. In the case of
, the secret dealer executes the following steps:
2a) He constructs a 
-th degree polynomial 
as follows, where 
are 
keys and 
are randomly chosen from
.
2b) He computes 
and 
for
.
2c) He publishes 
in any authenticated manner such as those in digital signature scheme.
3) Secret reconstruction. In the case of
, at least 
participants execute the following steps:
3a) They pool their pseudo shadows
. For example, 
participants 
pool their pseudo shadows
.
3b) They compute 
and 
for
.
3c) They compute 
and 
for 
by utilizing the solution of (3b).
3d) By Hermite interpolation polynomial, with the knowledge of 
triplets of
, the 
-th degree polynomial 
can be uniquely determined as follows.
From the obtained polynomial 
, we can easily get the 
keys
, 
, 
,
.
As stated above, we obtain the following theorem.
Theorem 2. Suppose that 
is the number of keys (secrets), 
is the number of participants, and 
is the number of necessary participants who can reconstruct keys (secrets). In the case
, we can propose a scheme of a 
multi-secret sharing scheme with many keys based on Hermite interpolation.
Corollary 1. Suppose that 
is the number of participants, and 
is the number of necessary participants who can reconstruct keys (secrets). Theorem 2 contains a scheme of a 
secret sharing with one key based on Lagrange’s interpolation, that is, Shamir’s threshold scheme.
Proof. In the case 
of Theorem 2, we obtain Corollary 1.
(Q.E.D.)
Corollary 2. Theorem 2 contains Theorem 1.
Proof. In the case 
of Theorem 2, we obtain Corollary 2.
(Q.E.D.)
5. Computational Complexity
In this section, we compare computational complexity of our scheme which we describe in Section 4, and that of Yang et al.’s scheme which we describe in Section 3.
As regards phase 1) system parameters, the both schemes have the same amount of parameters.
As regards phase 2) secret distribution, computational complexity of our scheme is twice of that of Yang et al.’s scheme. Since, in our scheme, there are 
for
.
As regards phase 3) secret reconstruction, computational complexity of our scheme is twice of that of Yang et al.’s scheme. Since, in 3b) of our scheme, there are 
for
. In 3c) of our scheme, there
are not only 
but also 
for
. In 3d) of our scheme, there are not only 
but also
.
Hence, computational complexity of our scheme is twice of that of Yang et al.’s scheme. This is suitable, since computational complexity of Hermite interpolation is twice of that of Lagrange’s interpolation.
6. Conclusion
We can propose a new scheme of a multi-secret sharing scheme with many keys based on Hermite interpolation. Hermite interpolation is a higher precision analysis and needs more complex computation than Lagrange’s interpolation. The merit on our scheme is that we can use many keys with fine distinctions. On the other hand, the demerit on our scheme is that its computation is complex for participants.
Acknowledgements
We thank the editor and the referee for their comments.
References
- Shamir, A. (1979) How to Share a Secret. Communications of the ACM, 22, 612-613. http://dx.doi.org/10.1145/359168.359176
- Blakley, G.R. (1979) Safeguarding Cryptographic Keys. AFIPS Conference Proceedings, 48, 313-317.
- Feldman, P. (1987) A Practical Scheme for Non-Interactive Verifiable Secret Sharing. Proceedings of 28th IEEE Symposium on Foundations of Computer Science, Los Angeles, 12-14 October 1987, 427-437.
- Pedersen, T.P. (1992) Non-Interacive and Information-Theoretic Secure Verifiable Secret Sharing. Advances in Cryptology CRYPTO ’91, 129-140.
- Jackson, W.A., Martin, K.M. and O’Keefe, C.M. (1995) On Sharing Many Secrets. Advances in Cryptology― ASIACRYPT’94, 917, 42-54.
- He, J. and Dawson, E. (1994) Multistage Secret Sharing Based on One-Way Function. Electronics Letters, 30, 1591-1592. http://dx.doi.org/10.1049/el:19941076
- Harn, L. (1995) Comment: Multistage Secret Sharing Based on One-Way Function. Electronics Letters, 31, 262. http://dx.doi.org/10.1049/el:19950201
- He, J. and Dawson, E. (1995) Multisecret Sharing Scheme Based on One-Way Function. Electronics Letters, 31, 93-94. http://dx.doi.org/10.1049/el:19950073
- Chien, H.Y., Jan, J.K. and Tseng, Y.M. (2000) A Practical (t,n) Multi-Secret Sharing Scheme. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, E83, 2762-2765.
- Pang, L.J. and Wang, Y.M. (2005) A New (t,n) Multi-Secret Sharing Scheme Based on Shamir’s Secret Sharing. Applied Mathematics and Computation, 167, 840-848. http://dx.doi.org/10.1016/j.amc.2004.06.120
- Yang, C.C., Chang, T.Y. and Hwang, M.S. (2004) A (t,n) Multi-Secret Sharing Scheme. Applied Mathematics and Computation, 151, 483-490. http://dx.doi.org/10.1016/S0096-3003(03)00355-2
- Adachi, T. (Submitted) A Secret Sharing Scheme with Two Keys Based on Hermite Interpolation.