An example of applying algebra in everyday life. One such example is Shamir Secret Sharing.

Sharing

A Simple Application of Polynomial Rings to Protect Your Secret

Motivation

It is not a good idea to keep the whole secret alone, especially if it is highly sensitive and highly important.

The way to solve this problem is to divide the original secret into parts.

There are rules for dividing the original secret and for reconstructing it. Mathematics is important here.

Then, how do we divide the secret so that doing so increases the security of the original secret?

Secret Sharing

Informally, secret sharing is any method for distributing a secret amongst a group of individuals (shareholders), each of whom is allocated some information (a share) related to the secret.

(Adi Shamir & George Blakley, 1979)

The secret can only be reconstructed when the shares are combined together.

Individual shares are of no use on their own.

Before we talk about Shamir's secret sharing, let's look at this scheme first.

Threshold Scheme

The

that:

1. The reconstruction of the secret requires knowledge of or more shares.

2. Knowledge of or fewer shares leaves the secret completely undetermined.

This scheme is called the -threshold scheme and is the threshold value.

The main idea is: two points are sufficient to define a line, 3 points are sufficient to define a parabola, 4 points to define a cubic curve, and so forth.

That is, points are sufficient to define a polynomial of degree .

Shamir's secret sharing scheme is a -threshold scheme based on polynomial interpolation.

Instead of sharing the random numbers, Shamir's secret sharing scheme generates a polynomial

from random numbers which are elements of a finite field of size and again

where is a prime number.

How to Share

Recall the polynomial over

Suppose that the secret to be divided into shares.

Then, compute

for

So we have ordered pairs of points , which are the shares, to be distributed to participants or shareholders.

Let contain exactly elements

Formalizing the Lagrange interpolation over a finite field. Let for

Thus

is the original secret.

Example

Let and the threshold value be

Choose at random and in . For example and

Now we have over

Then generate as many shares as we wish. For example, if we have

over . Hence,

Observation

Properties:

1. Information-theoretically secure

2. Makes use of Lagrange interpolation

3. Space efficient

Advantages:

1. Keeping fixed, shares can be easily added or removed without affecting the other shares.

2.

3.

Problems

1. If the participants cheat in the reconstruction of the secret, the secret cannot be recovered. That is, every person/party should tell the truth or the secret cannot be reconstructed.

2. The scheme is one-time.

3. The scheme only allows revealing a secret, not computing with it.

Another Scheme

Verifiable Secret Sharing (VSS) could fix the first problem above.

Proactive Secret Sharing: periodically renew the shares (from Shamir's scheme) without changing the secret S.

