Massachusetts Institute of Technology
das@csail.mit.edu
Barbara Liskov
Massachusetts Institute of Technology
liskov@csail.mit.edu
Moses Liskov
The College of William and Mary
mliskov@cs.wm.edu
ABSTRACT
MPSS is a new way to do proactive secret sharing in asynchronous networks. MPSS provides mobility: The group of nodes holding the shares of the secret can change at each resharing, which is essential in a long-lived system. MPSS additionally allows the number of tolerated faulty shareholders to change when the secret is moved so that the system can tolerate more (or fewer) corruptions; this allows reconfiguration on the fly to accommodate changes in the environment.
Categories and Subject Descriptors
C.2.4 [Computer Communication Networks]: Distributed Systems--distributed applications
General Terms
Security
1. INTRODUCTION
Malicious attacks are an increasing problem in distributed systems. If a node holds an important secret, that secret could be exposed by an attack in which an intruder gains control of that machine. An example of such a secret is the private key used by a certificate authority (such as Verisign) to sign its certificates.
Secret sharing allows a group of servers to possess shares of a secret, such that any t + 1 servers can collaborate to compute with the secret, but any t or fewer servers can learn nothing about the secret. Proactive secret sharing extends secret sharing to work in a long-lived system, in which nodes can become compromised over time, allowing the adversary to collect more than t shares and recover the secret. These schemes provide a share regeneration protocol, in which a new set of shares of the same secret is generated and the old shares discarded, rendering useless any collection of t or fewer old shares the adversary may have learned.
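The threshold property and share regeneration described above, as an added example that is not code from the paper and is not the MPSS protocol itself. It uses Shamir sharing over a prime field and refreshes by adding shares of a random polynomial whose constant term is zero. Assumptions: a single trusted dealer performs the refresh for a fixed group, and the names P, share, reconstruct, refresh and pick are chosen here for illustration.

```python
import secrets

P = 2**127 - 1  # prime field modulus (constructed choice for this example)

def _eval(coeffs, x):
    """Evaluate a polynomial (constant term first) at x, mod P."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % P
    return y

def share(secret, t, n):
    """Split secret into n shares: any t + 1 reconstruct it, t or fewer do not."""
    if not (0 <= secret < P and 0 <= t < n < P):
        raise ValueError("need 0 <= secret < P and 0 <= t < n < P")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t)]
    return {i: _eval(coeffs, i) for i in range(1, n + 1)}

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over a dict {index: value}."""
    total = 0
    for i, y in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + y * num * pow(den, -1, P)) % P
    return total

def refresh(shares, t):
    """Share regeneration: add shares of a random degree-t polynomial with
    constant term 0, so the secret is unchanged but every share changes.
    Assumption: one trusted party picks the polynomial; a real proactive
    protocol has the shareholders generate it jointly."""
    zero = [0] + [secrets.randbelow(P) for _ in range(t)]
    return {i: (y + _eval(zero, i)) % P for i, y in shares.items()}

def pick(shares, idxs):
    """Select the subset of shares an adversary or a quorum holds."""
    return {i: shares[i] for i in idxs}

if __name__ == "__main__":
    old = share(123456789, t=2, n=5)
    new = refresh(old, t=2)
    print(reconstruct(pick(new, [2, 4, 5])))          # t + 1 new shares
    print(reconstruct({1: old[1], 2: old[2], 3: new[3]}))  # old/new mix
```

Shares from before and after a refresh lie on different polynomials, so an adversary holding t old shares gains nothing by adding new ones to them.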
Download full paper