Security Limitations of Using Secret Sharing for Data Outsourcing - Data and Applications Security and Privacy XXVI
Conference Papers Year : 2012

Security Limitations of Using Secret Sharing for Data Outsourcing

Jonathan L. Dautrich
  • Function : Author
  • PersonId : 1010027
Chinya V. Ravishankar
  • Function : Author
  • PersonId : 1010028

Abstract

Three recently proposed schemes use secret sharing to support privacy-preserving data outsourcing. Each secret in the database is split into n shares, which are distributed to independent data servers. A trusted client can use any k shares to reconstruct the secret. These schemes claim to offer security even when k or more servers collude, as long as certain information such as the finite field prime is known only to the client. We present a concrete attack that refutes this claim by demonstrating that security is lost in all three schemes when k or more servers collude. Our attack runs on commodity hardware and recovers a 8192-bit prime and all secret values in less than an hour for k = 8.
Fichier principal
Vignette du fichier
978-3-642-31540-4_12_Chapter.pdf (489.16 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-01534766 , version 1 (08-06-2017)

Licence

Identifiers

Cite

Jonathan L. Dautrich, Chinya V. Ravishankar. Security Limitations of Using Secret Sharing for Data Outsourcing. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.145-160, ⟨10.1007/978-3-642-31540-4_12⟩. ⟨hal-01534766⟩
94 View
107 Download

Altmetric

Share

More