VPSS: A verifiable proactive secret sharing scheme in distributed systems

Suranjan Pramanik; Shambhu Upadhyaya

VPSS: A verifiable proactive secret sharing scheme in distributed systems

Suranjan Pramanik
, Shambhu Upadhyaya

Department of Computer Science and Engineering

SUNY Buffalo

Research output: Contribution to conference › Paper › peer-review

6 Scopus citations

Abstract

With the increase in the Internet usage and the load on the servers, replication is used as a standard approach for improving availability of an online service. However, replication of a secret increases vulnerability, so replication must be used in a strategic way if both security and dependability need to be addressed simultaneously. In this paper we propose a verifiable and proactive secret sharing framework in which the secret of the distributed system is sampled and the samples, called shares are scattered in the cluster and refreshed proactively in a periodic manner. In this approach, the secret is never transferred over the network and is never reconstructed at a replicated site. Our scheme increases the number of servers the adversary has to compromise in order to discover the secret, thereby hardening security. We present various algorithms to distribute, refresh, recover and reconstruct the secret in an asynchronous environment. As a proof of concept the framework has been simulated using Opnet and preliminary results are reported.

Original language	English
Pages	826-831
Number of pages	6
State	Published - 2003
Event	MILCOM 2003 - 2003 IEEE Military Communications Conference - Monterey, CA, United States Duration: Oct 13 2003 → Oct 16 2003

Conference

Conference	MILCOM 2003 - 2003 IEEE Military Communications Conference
Country/Territory	United States
City	Monterey, CA
Period	10/13/03 → 10/16/03

Cite this

@conference{2b93772924a5482fab3581c8ac870d6d,

title = "VPSS: A verifiable proactive secret sharing scheme in distributed systems",

abstract = "With the increase in the Internet usage and the load on the servers, replication is used as a standard approach for improving availability of an online service. However, replication of a secret increases vulnerability, so replication must be used in a strategic way if both security and dependability need to be addressed simultaneously. In this paper we propose a verifiable and proactive secret sharing framework in which the secret of the distributed system is sampled and the samples, called shares are scattered in the cluster and refreshed proactively in a periodic manner. In this approach, the secret is never transferred over the network and is never reconstructed at a replicated site. Our scheme increases the number of servers the adversary has to compromise in order to discover the secret, thereby hardening security. We present various algorithms to distribute, refresh, recover and reconstruct the secret in an asynchronous environment. As a proof of concept the framework has been simulated using Opnet and preliminary results are reported.",

author = "Suranjan Pramanik and Shambhu Upadhyaya",

year = "2003",

language = "English",

pages = "826--831",

note = "MILCOM 2003 - 2003 IEEE Military Communications Conference ; Conference date: 13-10-2003 Through 16-10-2003",

}

TY - CONF

T1 - VPSS

T2 - MILCOM 2003 - 2003 IEEE Military Communications Conference

AU - Pramanik, Suranjan

AU - Upadhyaya, Shambhu

PY - 2003

Y1 - 2003

N2 - With the increase in the Internet usage and the load on the servers, replication is used as a standard approach for improving availability of an online service. However, replication of a secret increases vulnerability, so replication must be used in a strategic way if both security and dependability need to be addressed simultaneously. In this paper we propose a verifiable and proactive secret sharing framework in which the secret of the distributed system is sampled and the samples, called shares are scattered in the cluster and refreshed proactively in a periodic manner. In this approach, the secret is never transferred over the network and is never reconstructed at a replicated site. Our scheme increases the number of servers the adversary has to compromise in order to discover the secret, thereby hardening security. We present various algorithms to distribute, refresh, recover and reconstruct the secret in an asynchronous environment. As a proof of concept the framework has been simulated using Opnet and preliminary results are reported.

AB - With the increase in the Internet usage and the load on the servers, replication is used as a standard approach for improving availability of an online service. However, replication of a secret increases vulnerability, so replication must be used in a strategic way if both security and dependability need to be addressed simultaneously. In this paper we propose a verifiable and proactive secret sharing framework in which the secret of the distributed system is sampled and the samples, called shares are scattered in the cluster and refreshed proactively in a periodic manner. In this approach, the secret is never transferred over the network and is never reconstructed at a replicated site. Our scheme increases the number of servers the adversary has to compromise in order to discover the secret, thereby hardening security. We present various algorithms to distribute, refresh, recover and reconstruct the secret in an asynchronous environment. As a proof of concept the framework has been simulated using Opnet and preliminary results are reported.

UR - https://www.scopus.com/pages/publications/3142776559

M3 - Paper

AN - SCOPUS:3142776559

SP - 826

EP - 831

Y2 - 13 October 2003 through 16 October 2003

ER -

VPSS: A verifiable proactive secret sharing scheme in distributed systems

Abstract

Conference

Other files and links

Fingerprint

Cite this