Conference Papers Year : 2012

Security Limitations of Using Secret Sharing for Data Outsourcing

Jonathan L. Dautrich
  • Function : Author
  • PersonId : 1010027
UC Riverside - University of California [Riverside]
Chinya V. Ravishankar
  • Function : Author
  • PersonId : 1010028
UC Riverside - University of California [Riverside]

Abstract

Three recently proposed schemes use secret sharing to support privacy-preserving data outsourcing. Each secret in the database is split into n shares, which are distributed to independent data servers. A trusted client can use any k shares to reconstruct the secret. These schemes claim to offer security even when k or more servers collude, as long as certain information such as the finite field prime is known only to the client. We present a concrete attack that refutes this claim by demonstrating that security is lost in all three schemes when k or more servers collude. Our attack runs on commodity hardware and recovers a 8192-bit prime and all secret values in less than an hour for k = 8.

Domains

Fichier principal
Vignette du fichier
978-3-642-31540-4_12_Chapter.pdf (489.16 Ko) Télécharger le fichier
Origin Files produced by the author(s)
licence
CC BY 4.0 - Attribution

Connect in order to contact the contributor

https://inria.hal.science/hal-01534766

Submitted on : Thursday, June 8, 2017-11:06:31 AM

Last modification on : Tuesday, November 19, 2024-2:04:09 PM

Long-term archiving on : Saturday, September 9, 2017-12:51:52 PM

Download

Dates and versions

hal-01534766 , version 1 (08-06-2017)

Licence

CC BY 4.0 - Attribution

Identifiers

Cite

Jonathan L. Dautrich, Chinya V. Ravishankar. Security Limitations of Using Secret Sharing for Data Outsourcing. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.145-160, ⟨10.1007/978-3-642-31540-4_12⟩. ⟨hal-01534766⟩

Export

Collections

392 View
196 Download

Altmetric

Share

  • More