2012 | OriginalPaper | Buchkapitel
Security Limitations of Using Secret Sharing for Data Outsourcing
verfasst von : Jonathan L. Dautrich, Chinya V. Ravishankar
Erschienen in: Data and Applications Security and Privacy XXVI
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Three recently proposed schemes use secret sharing to support privacy-preserving data outsourcing. Each secret in the database is split into
n
shares, which are distributed to independent data servers. A trusted client can use any
k
shares to reconstruct the secret. These schemes claim to offer security even when
k
or more servers collude, as long as certain information such as the finite field prime is known only to the client. We present a concrete attack that refutes this claim by demonstrating that security is lost in all three schemes when
k
or more servers collude. Our attack runs on commodity hardware and recovers a 8192-bit prime and all secret values in less than an hour for
k
= 8.