Skip to Main content Skip to Navigation
Conference papers

Security Limitations of Using Secret Sharing for Data Outsourcing

Abstract : Three recently proposed schemes use secret sharing to support privacy-preserving data outsourcing. Each secret in the database is split into n shares, which are distributed to independent data servers. A trusted client can use any k shares to reconstruct the secret. These schemes claim to offer security even when k or more servers collude, as long as certain information such as the finite field prime is known only to the client. We present a concrete attack that refutes this claim by demonstrating that security is lost in all three schemes when k or more servers collude. Our attack runs on commodity hardware and recovers a 8192-bit prime and all secret values in less than an hour for k = 8.
Document type :
Conference papers
Complete list of metadatas

https://hal.inria.fr/hal-01534766
Contributor : Hal Ifip <>
Submitted on : Thursday, June 8, 2017 - 11:06:31 AM
Last modification on : Wednesday, August 7, 2019 - 12:16:27 PM
Long-term archiving on: : Saturday, September 9, 2017 - 12:51:52 PM

File

978-3-642-31540-4_12_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Jonathan Dautrich, Chinya Ravishankar. Security Limitations of Using Secret Sharing for Data Outsourcing. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.145-160, ⟨10.1007/978-3-642-31540-4_12⟩. ⟨hal-01534766⟩

Share

Metrics

Record views

105

Files downloads

141