A novel linear multi-secret sharing scheme for group communication in wireless mesh networks

https://doi.org/10.1016/j.jnca.2010.03.020

Abstract

Wireless mesh networks (WMNs) have emerged as an increasingly important technology that offers low-cost community wireless services. The community-oriented nature of WMNs facilitates group applications, such as webcast, distance learning, online gaming, video conferencing, and multimedia broadcasting. Security is critical for the deployment of these services, and secure group communication has become an important component of WMNs. In order to provide secure and efficient group communication in WMNs, in this paper we consider an ideal linear multi-secret sharing scheme in which each authorized subset may have a different target secret. In particular, we put forward a general method of constructing such a scheme using monotone span programs. The correctness and security of the proposed scheme are proved.

Introduction

Wireless mesh networks (WMNs) have emerged as an increasingly important technology that offers low-cost and high-bandwidth community wireless services. A WMN consists of a set of stationary wireless routers that form a multi-hop wireless backbone, and a set of mobile clients that communicate via the backbone routers. The community-oriented nature of WMNs facilitates group applications, such as webcast, distance learning, online gaming, video conferencing, and multimedia broadcasting. Many of these applications follow a communication pattern in which one or more source clients disseminate data to a changing set of receivers. The openness of the wireless environment makes security a critical concern in the deployment of such group applications.

A major security goal for group applications is providing data confidentiality such that only current group members have access to the data sent to the group. Previous communication must remain protected from newly joined members, and future communication must be protected from members who have left the group. Examples of applications that can benefit from these services are applications which disseminate sensitive content, such as multimedia conferencing, and applications which seek to ensure that only clients that have paid or registered for service can receive data, such as online video broadcasting and distance learning.

In WMNs, during a group communication session, the group members can join or leave the group at any time, with potentially high membership dynamics, possibly due to client movement or flash crowd phenomenon. The focus is on providing data confidentiality from outside adversaries (both passive and active), where an outsider is any non-group member client or backbone router. More specifically, the goal is to provide the group secrecy property, such that it is computationally infeasible for a non-member node (mobile client or backbone router) to discover the group data. This also includes the backward and forward secrecy properties which guarantee that it is computationally infeasible for a member client to gain access to the group data sent before the time it joins the group, or after the time it leaves (or is revoked from) the group, respectively.

Secure group communication is a mature research area with a large body of literature. The main objective of a secure group communication protocol is to ensure data confidentiality against outsiders, such that only legitimate group members can recover the group data. Existing work covers both traditional wired networks (see Wong et al., 2000, Torres et al., 2007; Kim et al., 2000, Kim et al., 2001; Steiner et al., 1998, Yiu and Chan, 2004, Abad et al., 2005, Zhu et al., 2005) and wireless networks (see Zhu et al., 2004, Balachandran et al., 2005, Kaya et al., 2003, Sun et al., 2004, Roy et al., 2005, Curtmola and Nita-Rotaru, 2007). In general, the schemes for wired networks require reliable communication from each group member to every other group member when handling group dynamics. Such reliable broadcast communication is extremely inefficient to achieve in multi-hop wireless networks, which makes these schemes unsuitable for WMNs. At the same time, none of the existing protocols for wireless networks considers the unique features of WMNs, such as static backbone routers and multiple clients sharing the same router, all of which can be leveraged to design more optimized protocols.

In order to provide secure and efficient group communication in WMNs, in this paper we consider an ideal linear multi-secret sharing scheme in which each authorized subset (that is, each group) may have a different target secret (that is, its group key). At the same time, such a scheme guarantees that only the participants of an authorized subset, acting together, can recover the associated secret from their shares; any other set of participants obtains no information about this secret from its shares. In particular, we put forward a general method of constructing such a scheme using monotone span programs, and we prove the correctness and security of the proposed scheme.

In Section 2 we review the information-theoretic model of a secret sharing scheme and recall the relationship between linear secret sharing schemes (LSSS) and monotone span programs (MSP). In Section 3 we generalize the definition of an MSP to permit more than one target vector. In Section 4, using MSP, we show how to construct an ideal linear multi-secret sharing scheme (LMSSS) for general access structures in which each authorized subset carries a different target secret, and we prove the correctness and security of the proposed scheme. Finally, in Section 6 we give the conclusion.

Section snippets

Preliminaries

In this section we review some basic definitions concerning secret sharing schemes.

MSP with multiple target vectors

In this section we generalize the definition of an MSP to permit more than one target vector.

We denote an MSP that permits $m$ target vectors $v_1, \dots, v_m$ by $\mathcal{M}(K, M, \psi, m)$, where $M$ is a $d \times l$ matrix over a finite field $K$ and $\psi: \{1, \dots, d\} \to \{1, \dots, n\}$ is a surjective labeling map that assigns to each participant some rows of $M$. We call $d$ the size of the MSP. For any subset $A \subseteq P$, there is a corresponding characteristic vector $\delta_A = (\delta_1, \dots, \delta_n) \in \{0,1\}^n$ where, for $1 \le i \le n$, $\delta_i = 1$ if and only if $i \in A$. Consider a

Construction of ideal LMSSS with different authorized subset carrying different secret

In this section we first define an $m$-tuple $\Gamma = (\Gamma_1, \dots, \Gamma_m)$ of access structures with respect to the proposed problem, i.e., for a general access structure, each authorized subset in it carries a different target secret. Afterwards, we devise an ideal LMSSS which realizes such an $m$-tuple $\Gamma = (\Gamma_1, \dots, \Gamma_m)$ of access structures.

Correctness and security of our scheme

In this section we will discuss the correctness and security of our scheme.

Actually, the proof of Theorem 1 ensures the correctness and security of this scheme.

Correctness: For any $1 \le j \le m$, since $r_j \in \sum_{i \in A} V_i$ for every $A \in (\Gamma_j)_{\min}$, any subset $A \in \Gamma_j$ of participants can reconstruct the secret $s_j$ by computing a linear combination of their shares. Hence, it holds that $H(S_j \mid A) = 0$.

Security: At the same time, for any $1 \le j \le m$, since $r_j \notin \sum_{i \in B} V_i$ for every $B \in (\mathcal{A}_j)_{\max}$, any subset $B \notin \Gamma_j$ (namely, $B \in \mathcal{A}_j$) of participants, even
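As an added illustration (not code from the paper), the following Python sketch implements the MSP-based linear sharing described in the MSP section and checked in the correctness and security arguments above: the dealer picks $\rho$ with $\langle v_j, \rho \rangle = s_j$ for each target vector $v_j$ (written $r_j$ in the proof), the share of row $i$ is $\langle M_i, \rho \rangle$, and a subset recovers $s_j$ by a linear combination of shares exactly when $v_j$ lies in the span of its rows, while a subset whose rows do not span $v_j$ has no such combination at all. The matrix $M$, the labeling map, the two target vectors and the field GF(101) are constructed for this example and are not taken from the paper.

```python
import random
P = 101  # constructed example: all arithmetic is over the prime field GF(101)

def solve(A, b, p, rng=None):
    """x with A x = b over GF(p), or None if inconsistent; free variables are
    drawn from rng (uniformly random solution) or set to 0 when rng is None."""
    m, n = len(A), len(A[0])
    rows = [[a % p for a in r] + [bi % p] for r, bi in zip(A, b)]
    pivots, r = [], 0
    for c in range(n):                                  # Gauss-Jordan to RREF
        piv = next((i for i in range(r, m) if rows[i][c]), None)
        if piv is None:
            continue
        rows[r], rows[piv] = rows[piv], rows[r]
        inv = pow(rows[r][c], p - 2, p)                 # inverse via Fermat
        rows[r] = [x * inv % p for x in rows[r]]
        for i in range(m):
            if i != r and (f := rows[i][c]):
                rows[i] = [(x - f * y) % p for x, y in zip(rows[i], rows[r])]
        pivots.append(c)
        r += 1
    if any(row[n] for row in rows[r:]):
        return None                                     # b is outside the column span
    x = [rng.randrange(p) if rng else 0 for _ in range(n)]
    for i, c in enumerate(pivots):
        x[c] = (rows[i][n] - sum(rows[i][k] * x[k] for k in range(n) if k != c)) % p
    return x

def deal(M, targets, secrets, rng=random):
    """Dealer: pick rho with <v_j, rho> = s_j for every target v_j; the share of
    row i (held by participant psi[i]) is <M_i, rho>."""
    rho = solve(targets, secrets, P, rng)
    if rho is None:
        raise ValueError("target vectors must be linearly independent")
    return [sum(a * b for a, b in zip(row, rho)) % P for row in M]

def reconstruct(M, psi, shares, subset, target):
    """Pool the rows labelled to `subset`: if `target` lies in their row span, the
    same coefficients applied to the shares give the secret; otherwise None."""
    idx = [i for i in range(len(M)) if psi[i] in subset]
    cols = [[M[i][c] for i in idx] for c in range(len(M[0]))]   # transpose of M_A
    lam = solve(cols, target, P)
    if lam is None:
        return None                                     # unauthorized for this secret
    return sum(l * shares[i] for l, i in zip(lam, idx)) % P

# Constructed MSP: n = 3 participants, d = 3 rows, l = 3 columns, psi = identity.
M = [[1, 0, 1], [0, 0, 1], [0, 1, 1]]
PSI = [1, 2, 3]
TARGETS = [[1, 0, 0], [0, 1, 0]]   # v_1 for group {1, 2}, v_2 for group {2, 3}
```

With this matrix, {1, 2} spans v_1 but not v_2, {2, 3} spans v_2 but not v_1, and {1, 3} spans neither, so each group recovers only its own secret and the scheme is ideal (one field element per participant).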

Conclusion

In this paper we explored different design choices for solving the problem of secure and efficient group communication in WMNs. We propose an ideal and perfect linear multi-secret sharing scheme based on monotone span programs, in which each authorized subset may have a different target secret. Finally, the correctness and security of the proposed scheme are proved.

References (24)

  • Liu M, et al. Linear multi-secret sharing schemes based on multi-party computation. Finite Fields and Their Applications (2006).
  • Abad C, Gupta I, Yurcik W. Adding confidentiality to application-level multicast by leveraging the multicast overlay....
  • Balachandran R, Ramamurthy B, Zou X, Vinodchandran N. CRTDH: an efficient key agreement scheme for secure group...
  • Beimel A. Secure schemes for secret sharing and key distribution. Ph.D. Dissertation, Technion—Israel Inst. Technol.,...
  • Blundo C, et al. Multi-secret sharing schemes (1994).
  • Blundo C, De Santis A, Vaccaro U. Efficient sharing of many secrets. In: Proceedings of STACS ’93 (10th symposium on...
  • Curtmola R, Nita-Rotaru C. BSMR: byzantine-resilient secure multicast routing in multi-hop wireless networks. In: IEEE...
  • De Santis A, et al. Multiple ramp schemes. IEEE Transactions on Information Theory (1999).
  • Jackson W-A, et al. Multisecret threshold schemes (1994).
  • Jackson W-A, et al. On sharing many secrets (1995).
  • Jackson W-A, et al. Ideal secret sharing schemes with multiple secrets. Journal of Cryptology (1996).
  • Karchmer M, Wigderson A. On span programs. In: Proceedings of the eighth annual conference structure in complexity. San...