Mind the Gap: Ceremonies for Applied Secret Sharing

AbstractSecret sharing schemes are desirable across a variety of real-world settings due to the security and privacy properties they can provide, such as availability and separation of privilege. However, transitioning secret sharing schemes from theoretical research to practical use must account for gaps in achieving these properties that arise due to the realities of concrete implementations, threat models, and use cases. We present a formalization and analysis, using Ellison’s notion of ceremonies, that demonstrates how simple variations in use cases of secret sharing schemes result in the potential loss of some security properties, a result that cannot be derived from the analysis of the underlying cryptographic protocol alone. Our framework accounts for such variations in the design and analysis of secret sharing implementations by presenting a more detailed user-focused process and defining previously overlooked assumptions about user roles and actions within the scheme to support analysis when designing such ceremonies. We identify existing mechanisms that, when applied to an appropriate implementation, close the security gaps we identified. We present our implementation including these mechanisms and a corresponding security assessment using our framework.

Download Full-text

Analysis of secret sharing schemes based on Nielsen transformations

Groups – Complexity – Cryptology ◽

10.1515/gcc-2018-0001 ◽

2018 ◽

Vol 0 (0) ◽

Author(s):

Matvei Kotov ◽

Dmitry Panteleev ◽

Alexander Ushakov

Keyword(s):

Computer Algebra ◽

Secret Sharing ◽

Computer Algebra System ◽

Cryptographic Protocols ◽

Secret Sharing Schemes ◽

Polynomial Equations ◽

Polynomial Size ◽

Security Properties ◽

System Of Polynomial Equations

Abstract We investigate security properties of two secret-sharing protocols proposed by Fine, Moldenhauer, and Rosenberger in Sections 4 and 5 of [B. Fine, A. Moldenhauer and G. Rosenberger, Cryptographic protocols based on Nielsen transformations, J. Comput. Comm. 4 2016, 63–107] (Protocols I and II resp.). For both protocols, we consider a one missing share challenge. We show that Protocol I can be reduced to a system of polynomial equations and (for most randomly generated instances) solved by the computer algebra system Singular. Protocol II is approached using the technique of Stallings’ graphs. We show that knowledge of {m-1} shares reduces the space of possible values of a secret to a set of polynomial size.

Download Full-text

Cheating Detectable Secret Sharing Schemes for Random Bit Strings

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences ◽

10.1587/transfun.e96.a.2230 ◽

2013 ◽

Vol E96.A (11) ◽

pp. 2230-2234 ◽

Cited By ~ 4

Author(s):

Wakaha OGATA ◽

Toshinori ARAKI

Keyword(s):

Secret Sharing ◽

Secret Sharing Schemes

Download Full-text

A Strengthened Security Notion for Password-Protected Secret Sharing Schemes

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences ◽

10.1587/transfun.e98.a.203 ◽

2015 ◽

Vol E98.A (1) ◽

pp. 203-212 ◽

Cited By ~ 2

Author(s):

Shingo HASEGAWA ◽

Shuji ISOBE ◽

Jun-ya IWAZAKI ◽

Eisuke KOIZUMI ◽

Hiroki SHIZUYA

Keyword(s):

Secret Sharing ◽

Secret Sharing Schemes ◽

Security Notion

Download Full-text

Probabilistic Secret Sharing Schemes for Multipartite Access Structures

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences ◽

10.1587/transfun.e99.a.856 ◽

2016 ◽

Vol E99.A (4) ◽

pp. 856-862 ◽

Cited By ~ 3

Author(s):

Xianfang WANG ◽

Fang-Wei FU ◽

Xuan GUANG

Keyword(s):

Secret Sharing ◽

Secret Sharing Schemes ◽

Access Structures ◽

Multipartite Access Structures

Download Full-text

Using computational ethnography to enhance the curation of real-world data (RWD) for chronic pain and invisible disability use cases

ACM SIGACCESS Accessibility and Computing ◽

10.1145/3412836.3412840 ◽

2020 ◽

pp. 1-7

Author(s):

Rhonda J. Moore ◽

Ross Smith ◽

Qi Liu

Keyword(s):

Chronic Pain ◽

Real World ◽

Use Cases ◽

Real World Data ◽

World Data ◽

Invisible Disability

Download Full-text

A Multi-Tiered Framework for Insider Threat Prevention

Electronics ◽

10.3390/electronics10091005 ◽

2021 ◽

Vol 10 (9) ◽

pp. 1005

Author(s):

Rakan A. Alsowail ◽

Taher Al-Shehari

Keyword(s):

Real World ◽

Relevant Literature ◽

Security And Privacy ◽

Insider Threat ◽

Unified Framework ◽

Insider Threats ◽

Public And Private ◽

Private Organizations ◽

Confidential Data ◽

Real Value

As technologies are rapidly evolving and becoming a crucial part of our lives, security and privacy issues have been increasing significantly. Public and private organizations have highly confidential data, such as bank accounts, military and business secrets, etc. Currently, the competition between organizations is significantly higher than before, which triggers sensitive organizations to spend an excessive volume of their budget to keep their assets secured from potential threats. Insider threats are more dangerous than external ones, as insiders have a legitimate access to their organization’s assets. Thus, previous approaches focused on some individual factors to address insider threat problems (e.g., technical profiling), but a broader integrative perspective is needed. In this paper, we propose a unified framework that incorporates various factors of the insider threat context (technical, psychological, behavioral and cognitive). The framework is based on a multi-tiered approach that encompasses pre, in and post-countermeasures to address insider threats in an all-encompassing perspective. It considers multiple factors that surround the lifespan of insiders’ employment, from the pre-joining of insiders to an organization until after they leave. The framework is utilized on real-world insider threat cases. It is also compared with previous work to highlight how our framework extends and complements the existing frameworks. The real value of our framework is that it brings together the various aspects of insider threat problems based on real-world cases and relevant literature. This can therefore act as a platform for general understanding of insider threat problems, and pave the way to model a holistic insider threat prevention system.

Download Full-text

On the classification of ideal secret sharing schemes

Journal of Cryptology ◽

10.1007/bf00196772 ◽

1991 ◽

Vol 4 (2) ◽

pp. 123-134 ◽

Cited By ~ 152

Author(s):

Ernest F. Brickell ◽

Daniel M. Davenport

Keyword(s):

Secret Sharing ◽

Secret Sharing Schemes ◽

Ideal Secret Sharing Schemes

Download Full-text

Geometric secret sharing schemes and their duals

Designs Codes and Cryptography ◽

10.1007/bf01388562 ◽

1994 ◽

Vol 4 (1) ◽

pp. 83-95 ◽

Cited By ~ 43

Author(s):

Wen-Ai Jackson ◽

Keith M. Martin

Keyword(s):

Secret Sharing ◽

Secret Sharing Schemes

Download Full-text

(t,k,n) Multi-Blind Proxy Signature Scheme on Elliptic Curve

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.130-134.291 ◽

2011 ◽

Vol 130-134 ◽

pp. 291-294

Author(s):

Guang Liang Liu ◽

Sheng Xian Xie ◽

Wei Fu

Keyword(s):

Elliptic Curve ◽

Secret Sharing ◽

Proxy Signature ◽

Elliptic Curve Cryptosystem ◽

Secret Sharing Scheme ◽

Signature Scheme ◽

Forgery Attack ◽

Threshold Secret Sharing ◽

Sharing Scheme ◽

Security Properties

On the elliptic curve cryptosystem proposed a new multi-proxy signature scheme - (t, k, n) threshold blind proxy signature scheme.In new program blind proxy signature and (t,k,n) threshold secret sharing scheme will be combined, and will not over-concentration of the rights of the blind proxy signer .Computation of the program is small, security is high, the achieve efficiency and the utility is better .can prevent a malicious user's forgery attack and have the security properties of proxy signature.

Download Full-text

Automated Security Assessment Framework for Wearable BLE-enabled Health Monitoring Devices

ACM Transactions on Internet Technology ◽

10.1145/3448649 ◽

2022 ◽

Vol 22 (1) ◽

pp. 1-31

Author(s):

Ghazale Amel Zendehdel ◽

Ratinder Kaur ◽

Inderpreet Chopra ◽

Natalia Stakhanova ◽

Erik Scheme

Keyword(s):

Health Monitoring ◽

Denial Of Service ◽

Security And Privacy ◽

Clinical Settings ◽

Security Assessment ◽

Embedded Devices ◽

Data Manipulation ◽

Speed To Market ◽

Secure Network ◽

Monitoring Devices

The growth of IoT technology, increasing prevalence of embedded devices, and advancements in biomedical technology have led to the emergence of numerous wearable health monitoring devices (WHMDs) in clinical settings and in the community. The majority of these devices are Bluetooth Low Energy (BLE) enabled. Though the advantages offered by BLE-enabled WHMDs in tracking, diagnosing, and intervening with patients are substantial, the risk of cyberattacks on these devices is likely to increase with device complexity and new communication protocols. Furthermore, vendors face risk and financial tradeoffs between speed to market and ensuring device security in all situations. Previous research has explored the security and privacy of such devices by manually testing popular BLE-enabled WHMDs in the market and generally discussed categories of possible attacks, while mostly focused on IP devices. In this work, we propose a new semi-automated framework that can be used to identify and discover both known and unknown vulnerabilities in WHMDs. To demonstrate its implementation, we validate it with a number of commercially available BLE-enabled enabled wearable devices. Our results show that the devices are vulnerable to a number of attacks, including eavesdropping, data manipulation, and denial of service attacks. The proposed framework could therefore be used to evaluate potential devices before adoption into a secure network or, ideally, during the design and implementation of new devices.

Download Full-text