%0 Conference Proceedings
%T Security Limitations of Using Secret Sharing for Data Outsourcing
%+ University of California [Riverside] (UC Riverside)
%A Dautrich, Jonathan, L.
%A Ravishankar, Chinya, V.
%Z Part 5: Privacy-Preserving Technologies
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 26th Conference on Data and Applications Security and Privacy (DBSec)
%C Paris, France
%Y Nora Cuppens-Boulahia
%Y Frédéric Cuppens
%Y Joaquin Garcia-Alfaro
%I Springer
%3 Data and Applications Security and Privacy XXVI
%V LNCS-7371
%P 145-160
%8 2012-07-11
%D 2012
%R 10.1007/978-3-642-31540-4_12
%Z Computer Science [cs]Conference papers
%X Three recently proposed schemes use secret sharing to support privacy-preserving data outsourcing. Each secret in the database is split into n shares, which are distributed to independent data servers. A trusted client can use any k shares to reconstruct the secret. These schemes claim to offer security even when k or more servers collude, as long as certain information such as the finite field prime is known only to the client. We present a concrete attack that refutes this claim by demonstrating that security is lost in all three schemes when k or more servers collude. Our attack runs on commodity hardware and recovers a 8192-bit prime and all secret values in less than an hour for k = 8.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01534766/document
%2 https://inria.hal.science/hal-01534766/file/978-3-642-31540-4_12_Chapter.pdf
%L hal-01534766
%U https://inria.hal.science/hal-01534766
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-7371