International Workshop on Secret
Sharing and Security
Friday February 23, 2018
Owen Glenn Building room 260-321
University of Auckland, New Zealand
This one day meeting is to discuss some questions on secret sharing and its applications, as well as current research in the wider field of cryptography and security.
The organisers are Arkadii Slinko and Steven Galbraith, both at the Mathematics Department of the University of Auckland.
The event will take place at the University of Auckland. Details of the lecture room will be provided nearer the time. The workshop is free, but please email a.slinko@auckland.ac.nz if you are planning to attend so that we can organise appropriate catering.
Programme
9:50-10:00 |
Welcome |
10:00-10:40 |
Arkadii Slinko "Characterization of ideal weighted secret sharing schemes" |
10:40-11:10 |
Coffee |
11:10-11:50 |
Satoshi Obana "Cheating Prevention in Secret Sharing Schemes" |
11:50-12:30 |
Joanne L Hall "Attacking code-based cryptosystems using decoding failure side channel information" |
12:30-2:00 |
Lunch |
2:00-2:50 |
Yvo Desmedt "From Secret Sharing to Protecting Critical Infrastructures" |
2:50-3:30 |
Steven Galbraith "Some open problems in cryptography" |
3:30-4:10 |
Wei Qi Yan "Visual Cryptography and Currency Security" |
4:10-4:30 |
Arkadii Slinko "A New Model for Rational Secret Sharing" |
Titles and Abstracts
- Yvo Desmedt (University of Texas at Dallas, USA) "From Secret Sharing to Protecting Critical Infrastructures"
An important application of secret sharing is in the context of reliable and
private communication over a network when sender and receiver do not have
pre-agreed keys and do not trust public key systems. We briefly explain this
link, which extends the classical work on network reliability to include
privacy. This topic is called ``Private and Secure Message Transmission''
(PSMT).
Data networks are just one example of networks. Distribution of electricity,
fuel, gas, water, etc., all use the concept of network. We will see what
results of the research on PSMT extend to this type of network. Not all types
of critical infrastructures can be modeled this way. We explain the use of
AND/OR graphs to model critical infrastructures. We use economics to study
what components (or lack of it) of a critical infrastructure cause the biggest
disruption when destroyed by an adversary who has a limited budget. The
problem of identifying these components might be computationally hard. We also
discuss protection issues.
- Satoshi Obana (Hosei University, Japan) "Cheating Prevention in Secret Sharing Schemes"
Secret sharing is now widely used to protect sensitive information in not only closed systems but also open system such as cloud storage. To deal with critical information such as medical date securely, we must prevent malicious parties from forging a secret to be reconstructed. In this talk, we will talk about secret sharing scheme with cheating prevention functionality. Here, we consider cheaters who try to forge secret by forging their shares in secret reconstruction phase. We introduce general techniques for cheating detection and cheater identification against such type of cheating, and we also discuss some open problems in this area.
- Arkadii Slinko (University of Auckland) "A New Model for Rational Secret Sharing"
In secret sharing (and cryptography, in general), there are several types of assumptions on agents who do not follow the protocol or follow it with retaining information they are not allowed to retain: honest-but-curious (semi-honest), malicious (adversarial), etc. Sometimes it is assumed that there is an adversary that controls all malicious agents and forces them to violate the protocol in a way she dictates. Halpern and Teague noticed that, if agents are humans, there may be more earthly reasons for agents to `behave badly'. It can be that agents are `rational' in the sense that they have utilities for all outcomes and they optimise their (expected) utility. Assuming that agents are greedy, they showed that under no deterministic protocol the secret will be ever recovered. We explore different scenarios. In particular, we consider the case when a secret sharing scheme implements a certain power sharing agreement in the society. We discover some Nash equilibria under which the secret will be recovered.
- Joanne L Hall (RMIT, Melbourne, Australia) "Attacking code-based cryptosystems using decoding failure side channel information"
Joint work with Margreta Kuijper (Melbourne Uni)
The McEliece Cryptosystem, also called Code Based Cryptography, is a candidate for a public
key crypto system which is resistant to attack by quantum computers. McEliece's
original 1978 paper used Goppa Codes, however Goppa codes lead to impractically large key sizes. To reduce the key size, various researchers have proposed to replace the Goppa code by a structured binary code (LDPC/ quasi-cyclic MDPC). However, the resulting cryptosystem is vulnerable to attacks; in this talk we give an overview of attacks that use decoder failure events to gather information about the message/private key. Thus decoding failures act as a side channel from which information can be gathered. We conclude that any such code-based cryptographic protocol requires careful management of decoding failure events.
- Steven Galbraith (University of Auckland) "Some open problems in cryptography"
I will survey some active research areas in crypto and mention some of the open mathematical problems in them.
- Wei Qi Yan (Auckland University of Technology) "Visual Cryptography and Currency Security"
Visual cryptography provides a very powerful technique by which one secret can be split into two or more pieces known as shares using secret sharing. When these shares are xeroxed onto transparencies and superimposed exactly together, the original secret can be recovered without the necessity for computation. In this talk, many types of visual cryptography will be introduced. Practical VC applications are also discussed. In this talk, we also consider applying VC to currency security. Our recent research progress in currency security will be detailed.