Skip to Main content Skip to Navigation
Conference papers

Security Limitations of Using Secret Sharing for Data Outsourcing

Abstract : Three recently proposed schemes use secret sharing to support privacy-preserving data outsourcing. Each secret in the database is split into n shares, which are distributed to independent data servers. A trusted client can use any k shares to reconstruct the secret. These schemes claim to offer security even when k or more servers collude, as long as certain information such as the finite field prime is known only to the client. We present a concrete attack that refutes this claim by demonstrating that security is lost in all three schemes when k or more servers collude. Our attack runs on commodity hardware and recovers a 8192-bit prime and all secret values in less than an hour for k = 8.
Document type :
Conference papers
Complete list of metadata
Contributor : Hal Ifip <>
Submitted on : Thursday, June 8, 2017 - 11:06:31 AM
Last modification on : Wednesday, August 7, 2019 - 12:16:27 PM
Long-term archiving on: : Saturday, September 9, 2017 - 12:51:52 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Jonathan Dautrich, Chinya Ravishankar. Security Limitations of Using Secret Sharing for Data Outsourcing. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.145-160, ⟨10.1007/978-3-642-31540-4_12⟩. ⟨hal-01534766⟩



Record views


Files downloads