Verifiable Secret Sharing And Its Application In The Group Signature

Secret sharing is an important direction in the field of modern cryptography and also an important research field in information security. Especially with the popularity and rapid development of computer networks, it plays a key role in protecting the important and sensitive information from being destroyed, lost, viciously, or into wrong hands. In 1979, Shamir and Blakley first proposed the concepts of secret sharing schemes, and many scholars of secret sharing have in depth researched and improved. At the same time a lot of safe and efficient secret sharing schemes are developed. However, as many schemes are widely discussed, there are many drawbacks in these schemes as followed:during one secret sharing process only one secret can be shared, and once the secret has been reconstructed, the dealer must redistribute a fresh shadow to every participant; a malicious dealer may distribute a fake share shadow to a certain participant, then this participant would never obtain the true share; in the secret recovery phase, a dishonest participant may provide a fake share to other participants, which may lead to the dishonest participant the only one who can reconstruct the true secret.To solve these problems, we choose the verifiable secret sharing as our priority research areas. Verifiable secret sharing schemes are very useful to storage a secret. On the one hand they can effectively prevent misuse of the over-centralization of power, and on the other hand they can ensure the integrity and security of the secret. In addition, participants can effectively check out the fraudster in these schemes, and make the authorized subset the only one who can restore the true secret. Therefore, verifiable secret sharing is extensively used in the field of key management, data security, management of bank net and missile management and launch etc. Moreover it is used to structure worthily cryptographic arithmetic in combination with digital signature and status authentication which expanded verifiable secret sharing schemes' application.In this paper, we introduced the background of verifiable secret sharing and its development and broadcast, and analyzed some classical secret sharing schemes. Simultaneously, we researched shortcomings of existing secret sharing schemes in practice. Aiming at these problems, we designed two verifiably practical secret sharing schemes. Subsequently, we studied its application in group signature and proposed a group signature scheme based on the general access structure without trusted centre. The main work of this paper is following:1. Based on Lagrange interpolation formulas and two variable one-way function, a verifiable multi-secret sharing scheme is proposed which makes use of bilinear map. Each participant's secret shadow is selected by the participant himself, and the sub-secret of every participant can be used many times. Many secrets can be recovered in one time. The dealer doesn't need to deliver any secret message to participants, so a secure channel between them is unnecessary. The scheme can check whether the dealer and each participant is honest, and the participant who provides a false share or attacker tamper the message can't gain any message about the shared secret.2. Considering the different power of every participant on shared secret in practice, the paper proposes a publicly verifiable secret sharing scheme on access structures which uses the non-interactive zero-knowledge proof. The scheme can effectively prevent the dealer and participants' cheat, and everyone can verify whether the shadows are true. The sub-secret of every participant can be used many times. The process in carrying out the scheme doesn't need a secure channel, and many secrets can be shared in one time.3. The paper designs a group signature scheme based on the general access structure without trusted centre, which takes advantage of the verifiable secret sharing. The scheme is secure and efficient which doesn't need the trusted KDC's participation. And the authorized subset is the only one who can finish an efficacious signature.