 Research
 Open access
 Published:
Informationtheoretic secure rational secret sharing in asynchronous networks for untrusted cloud environments
Journal of Cloud Computing volume 11, Article number: 89 (2022)
Abstract
Today, cloud storage services increased the popular for data storage in the cloud and retrieve from any location without any time limitations. One of the most important demands required in cloud is secured data transmission in untrusted cloud applications. Particularly, secure and efficient multiparty communications in Untrusted Cloud Environments (UCE) attract widespread attentions. The equipment used in UCE have the particularity of being heterogeneous and UCE communication environment are asynchronous networks in which multiple users cannot transmit their messages simultaneously. How to ensure secure communication between these heterogeneous intelligent devices is a major challenge for multiparty communication applied in UCE. In such an asynchronous environment, the asynchronous transmission can cause security problems in cryptographic functions. Therefore, how to implement rational secret sharing (RSS) in an asynchronous model of the UCE networks has become a burning research topic. The RSS refers to finding a solution composed of strategies to encourage players in the secret reconstruction to act honestly even players are rational to act for their own interest. If each player plays the game for the best response to the best response of other players, the game is in Nash equilibrium. The objective of an RSS is to achieve the Nash equilibrium state corresponding to the global optima. In this paper, we propose an informationtheoretic secure RSS in asynchronous model for UCE. Our design uses Petersen’s VSS to allow every player to divide his share into multiple pieces for other players. Then, shares can be revealed asynchronously. If any player acts maliciously, his share can be recovered by other players. This feature can encourage players to act honestly since any malicious action (i.e., either revealing a fake share or refusing to release one) is useless. Our scheme is practically valuable for secure grouporiented applications in UCE.
Introduction
The rapid development of the Internet has brought people close together, and on this basis, it has been extended and expanded into the Internet of Things (IoT), that is, the Internet of all things connected [1,2,3,4]. As an emerging technology, the Internet of Things has effectively promoted the intelligent development of industry, agriculture, transportation and other aspects. Applications in smart home, pollution monitoring, medical health, and other fields closely related to life have greatly improved people’s quality of life. Grouporiented technology shows its application potential in IoT. For example, the data collected jointly by using grouporiented technology can be used to analyze traffic conditions and realize multiuser interactive computing. As these grouporiented programs are applied on open and insecure networks, they face the need for security.
At the same time, cloud computing services are more popular for data storage and retrieval in the cloud environment. Because of the user’s data security, the encrypted data is persisted in the cloud to protect from permission denied users. The method considers cloud services provider (CSP) or trusted authority to take care the key management assurance like an “it confirmed that key cannot be compromised”. However, some entities may interrupt communications between users and CSP. Hence, it compels the CSP to release user secrecy. In cloud surroundings, data holders, store data on the clouds which are transmitted through the deniable encryption scheme. Therefore, secure and efficient multiparty communications in Untrusted Cloud Environments (UCE) attract widespread attentions [5,6,7,8,9].
With the development of these technologies, more and more advanced companies are adopting the IoT and tend to transform to the intelligent systems (IS) to achieve high performance with less risk. IS refers to the application of smart devices with perception technology, data processing technology, and network communication technology to all links of intelligent transportation devices, which are connected through the network to achieve efficient utilization of resources, improve product quality and reduce resource consumption, thus realizing transportation intelligence. The devices in the IS have the particularity of heterogeneity, and the IS communication is carried out in an untrusted cloud environment, which is an asynchronous network, that is, multiple users cannot transmit their messages simultaneously. In such an Untrusted Cloud Environment (UCE), ensuring secure communication between these heterogeneous transportation devices is a major challenge for multiparty communication applied in IS, which is shown in Fig. 1. Furthermore, in such an asynchronous environment, the asynchronous transmission can cause security problems in cryptographic functions. How to make implementation of rational secret sharing (RSS) in an asynchronous model for UCE has become a burning research topic.
The (t, n) secret sharing scheme (SS) refers to dividing the secret into n subsecrets so that the secret can be recovered when any t or more subsecrets are known, but when the number of known subsecrets is less than t, no information about the secret can be obtained. The SS has become a building block in many current cryptographic applications. There are multiple technologies that can be used to achieve secret sharing. For instance, Shamir [10] designed a (k, n) threshold scheme using linear polynomial, AzimuthBloom [11] studied the secret sharing scheme based on the Chinese Remainder Theorem (CRT), and Blakely [12] introduced a secret sharing scheme using hyperplane geometry. Among them, Shamir’s SS has been received most attention. This is because his SS is flexible and efficient, and it is informationtheoretic secure.
If t or more subsecrets are known, Shamir’s SS can reconstruct the secret using Lagrange Interpolation formula, and this process is very simple. However, in 2004, Halpern and Teague [13] have proposed the concept of Rational SS (RSS). In an RSS, it assumes that the players in the game of secret reconstruction are rational. In other words, each player may be honest or malicious. The players in the secret reconstruction aim to maximize their own interests and take corresponding actions. The objective of an RSS is to find a solution that is composed of strategies to encourage players in the secret reconstruction to act honestly even players are rational to act for their own interest. If each player plays the game for the best response to the best response of other players, the game is in Nash equilibrium. Achieving the Nash equilibrium state corresponding to the global optima is the goal of an RSS. Halpern and Teague [13] have shown that Shamir’s SS is not an RSS. This can be easily understood. Suppose there are t players in the secret reconstruction, if one of them is malicious and he publishes a false subsecret, at the same time, all other honest players publish valid subsecrets, then only this malicious player can reconstruct the secret, while no other honest player has access to the secret. This is not an equilibrium state.
Many researchers have proposed RSS schemes [14,15,16]. In these schemes, players can only exchange information in a synchronized channel. Since the synchronous channel is difficult to be implemented in practice, the existing communication networks are asynchronous networks in which multiple users cannot transmit their messages simultaneously. The asynchronous transmission can cause security problems. Therefore, it is imminent to implement RSS in the asynchronous model. Up to now, there are very few RSS solutions designed for asynchronous channels, including those designed by Maleka et al. [17], designed by Fuchsbauer et al. [14], designed by Ong et al. [15], and designed by Moses et al. [18]. In [17], the game needs to be repeated and an interactive dealer is required [14]. requires the use of cryptographic primitives. In [15, 18], multiple rounds of the game are played and a certain number of players are assumed to be honest.
In 1995, Lin et al. [19] presented a fair secret reconstruction scheme suitable for asynchronous models. In this scheme, the secret s is hidden in the sequence, {d_{1}, d_{2}, …, d_{j − 1}, d_{j}, d_{j + 1}, …, d_{k}}, and it can be reconstructed as a whole in the asynchronous network, where d_{j} = s, d_{j + 1} = D, D is public, and d_{i}, i ≠ j, j + 1, ∀ i, is random integer. Furthermore, Maleka et al. [20] first proposed the concept of repeated games in the RSS problem and proved that limited repeated games are impossible when the player knows the number of repetitions of the game. In [19], instead of requiring all players to release their subsecrets at the same time, the secret reconstruction process restores one element at a time in the order of the sequence until the secret is derived. If the certificate and subsecret submitted by the player pass the verification, the rebuild process continues down the line, otherwise it is forced to stop. Until D is restored, the players can be sure that the previous restoration is the secret. In addition, it should be noted that if the player correctly guesses the location of the secret, he can get exclusive access to the secret. Then the probability that this malicious player has exclusive access to the secret and other honest players cannot obtain the secret is \(\frac{1}{k}.\) In a recent paper [17], the scheme has been improved to include some other features.
In this paper, we propose an RSS protocol which uses VSS for secure group communications in UCE, one of the most popular cryptographic primitives, as a strategy to enforce all players in the secret reconstruction to act honestly to reach the Nash equilibrium state. Our proposed RSS is informationtheoretic secure. And it has two phases. In the first phase, each player acts as the dealer in Peterson’s VSS [21] to divide his/her share into subshares for other players. In addition, the player needs to make Peterson’s commitments publicly known. Using these commitments, these subshares can be verified. After all subshares of players being verified successfully, the scheme is advanced into the second phase. In the second phase, players take turn to reveal their shares asynchronously. Each revealed share can be verified separately. If any share has been verified unsuccessfully, other players can work together to recover the share. Since each share has been shared by other players in the first phase, this feature encourages players to reveal their shares honestly in the second phase. In other words, if players release fake shares in the second phase, their “real” shares can still be recovered by other honest players. The main contributions of this paper are as follows.

An informationtheoretic secure RSS in asynchronous model is proposed.

The RSS uses Peterson’s VSS as building block. It allows every player to divide his share into multiple pieces for other players. Then, shares can be revealed asynchronously. If any player acts maliciously, his share can be recovered by other players.

The RSS is deterministic and simple. This unique feature can encourage players to act honestly since any malicious action (i.e., either revealing a fake share or refusing to release one) is useless.
The rest of paper is organized as follows. Petersen’s VSS is reviewed in Review of Petersen’s VSS section. Model section introduces the model of the presented protocol, including protocol description, type of attacks. In Proposed scheme section, our RSS scheme is proposed. Analysis section analyzes the security of RSS. We conclude this paper in Conclusion section.
Review of Petersen’s VSS
Our proposed RSS is designed on the basis of Pedersen’s VSS [21]. We review this protocol in this section.
The notion of VSS was proposed by Chor et al. [22], which means that participants can verify whether the received subsecret is valid without revealing their own secrets. We give a definition of VSS below.
Definition 1. Toutofn Verifiable Secret Sharing Scheme (VSS)
A toutofn verifiable secret sharing scheme π = (G, R, V) consists of a sharing algorithm G, a reconstruction algorithm R, and a verification algorithm V. The sharing algorithm G ensures that no adversary can reconstruct the secret from less than t shares. The reconstruction algorithm G guarantees that participants can reconstruct the secret based on any t or more known shares. The verification algorithm V enables participants to verify that their shares are generated consistently while ensuring the security of their shares and secrets.
Benaloh [23] proposed an interactive VSS. Cryptographic commitment schemes have been used in Feldman [24] and Pedersen [21] VSSs. The scheme in [24] is proven to be bitwise safe, using the difficulty of discrete logarithms. And the scheme in [21] ensures unconditionally the security of the secret, in which the correctness of the subsecret depends on the calculation assumptions. However, in addition to verifying the validity of the participant’s own subsecret, these VSS schemes cannot verify the subsecrets of other participants. Stadler [25] first presented a publicly verifiable secret sharing (PVSS) scheme, which ensures that the validity of a participant’s subsecret can be verified by other participants. Subsequently, Schoenmaker [26] made improvements on the basis of the PVSS scheme proposed by Stadler, using the standard DiffieHellman difficult hypothesis. Peng and Wang [27] applied the model designed by Schoenmaker to construct a PVSS solution based on linear code. A PVSS protocol based on Pailler’s encryption [28] was proposed by Ruiz and Villar [29]. In addition, noninteractive PVSS scheme using bilinear mapping have been presented [30, 31].
Pedersen’s VSS is informationtheoretic secure. There are public parameters, g, h ∈ Z_{p}, and assumes that no one knows log_{g}h. Pedersen’s VSS uses the following commitment scheme.
Pedersen’s commitment scheme
To commit the secret s, the dealer computes and publishes a commitment E(s, k) = g^{s}h^{k} = E_{0} mod p, where k ∈ Z_{p} and k is randomly selected. Such a commitment can later be opened by releasing s and k.
The Pedersen’s VSS is shown in Fig. 2.
Model
Description of our proposed RSS
Our proposed RSS has two phases. In the first phase, each player is regarded as a dealer in Peterson’s VSS [21] to divide his/her share into subshares for other players. The subshares can be verified by other players. In this phase, all subshares of players need to be verified successfully. In the second phase, players take turn to reveal their shares asynchronously. Each revealed share can be verified separately. If any share has been verified unsuccessfully, other players can work together to use their subshares obtained in the first phase to recover the share. This feature encourages players to reveal their shares honestly in the second phase.
Entities and possible attacks
In a VSS, the owner of the secret is the prover and all other users are the verifiers. In the case of ensuring the security of the secret, the verifiers want to verify that the shares they get are generated consistently. In Pedersen’s VSS, verification is based on the commitments computed by the owner of the secret. Each verifier can verify the share individually without interaction. Inconsistent shares may be generated due to the following two reasons: (a) in shares generation/distribution, nature noise, such as transmission noise or computational error, may cause the inconsistency; (b) inconsistent shares may be generated by a user who tries to cheat other honest users.
Attackers may try to obtain secrets from commitments. Pedersen’s commitment can prevent this attack. Moreover, it is necessary to prevent malicious players from attacking in the process of rebuilding the secret. In our RSS, all information exchanged among players is transmitted through an asynchronous channel. To prevent players from revealing their shares last in the process and knowing the secret by themselves only, there are two phases in our presented RSS. In the first phase, every player needs to follow Petersen’s VSS and act as a dealer to divide his own share (the secret) for other players. The generated shares of his own share are called the subshares. Each subshare is sent to individual player secretly. Some public commitments of the secret need to make publicly known. Each subshare also needs to be verified successfully by each player. Only after all subshares being successfully verified, the scheme advances in the second phase.
The shares of players are released asynchronously in the second phase. Since each revealed share can be verified based on the VSS commitments generated in the first phase and any fake share can also be recovered by other players based on their subshares, this feature encourages players to act honest.
Properties
Our proposed RSS has the following properties:

Secrecy. From the commitment of the secret and shares, it is impossible for the secret to be restored by the attackers.

Fairness. The RSS needs to have strategies to encourage players in the secret reconstruction to act honestly. If players act dishonestly then all players either get no secret or get the secret.

Efficiency. In our proposed RSS, we use Pedersen’s VSS [21] based on polynomials. In the first phase, each user needs to act as a dealer to compute subshares for other players and compute some public commitments. There has no interaction among users to verify shares in Petersen’s VSS.

Undeniability. In the process to reveal shares in Phase 2, no player can deny to release his share since share can be recovered by other players based on subshares distributed in the first phase.
Proposed scheme
RSS scheme
Suppose there are n players, U = {U_{1}, U_{2}, …, U_{n}}, participated in the RSS. The scheme is introduced in detail in Fig. 3.
Discussion
The proposed RSS scheme is composed of three algorithms, namely share generation, share verification and secret reconstruction.
Share generation and share verification
The first two algorithms are identical to the Petersen’s VSS except that for each shares, (f(x_{i}), g(x_{i})), of player, U_{i}, the dealer computes \(E\left(f\left({x}_i\right),g\left({x}_i\right)\right)={g}^{f\left({x}_i\right)}{h}^{g\left({x}_i\right)}={E}_0^i\mathit{\operatorname{mod}}p,i=1,2,\dots, n.\) It is worth noting that in the first stage, each player needs to allocate his shares to other players The reason why these public commitment values of player’s shares are published by the dealer is to prevent players from cheating by generating subshares of fake shares.
Secret reconstruction
It consists two phases, generating subshares and commitments phase, and revealing shares.
Phase 1: generating subshares and commitments phase
In this phase, each player needs to act as the dealer to follow Petersen’s VSS to divide his own shares. Players’ own shares are treated as secrets and subshares are allocated to other players. From commitments published by the dealer and the owner of shares, subshares can be verified to be generated consistently.
Phase 2: revealing shares phase
In this phase, shares of players are revealed asynchronously. Each revealed share can be verified based on the commitments published by the dealer in share generation. If any revealed share cannot be verified successfully or any player refuses to reveal his share, share can still be recovered by subshares of other players. Note that each revealed subshares can also be verified by other players since the shares are generated following Petersen’s VSS in the first phase. At last, the secret can be recovered successfully based on all shares.
Analysis
Security analysis
This section will first prove that our scheme is informationtheoretically secure, and then analyze the security properties of the proposed RSS protocol, which have been defined in Properties section.
There are two types of security in most cryptographic schemes, either informationtheoretic secure or computationally secure. If a scheme is computationally secure, the security of the scheme is based on some mathematical assumptions. If a scheme is informationtheoretic secure, there is no mathematical assumption made to achieve its security. Since informationtheoretic security (also called unconditionally security) does not depend on any computational assumption, schemes with informationtheoretic security are more attractive than most schemes with computational security. In the following theorem, we prove that our proposed RSS scheme is informationtheoretic secure.
Theorem 1
The proposed RSS scheme is unconditionally secure.
Proof
Informationtheoretic security implies that no assumptions are made about the computing power and resources available to an adversary. We can see that there is not any computational assumption in our scheme. The proposed RSS scheme uses Peterson’s VSS as building block. Pedersen’s VSS is informationtheoretic secure. Hence, our RSS scheme is informationtheoretic secure.
Secrecy
It is obvious that Petersen’s VSS prevents players to get the secret/shares from public commitments. In the first phase, each share of player is divided into multiple subshares using a polynomial with degree k − 1. Assuming that the majority of players are always honest (i.e., at least \(k=\left\lceil \frac{n}{2}\right\rceil\) players are honest in the process of secret reconstruction), this ensures that colluded dishonest players (i.e., there are at most n − k < k colluded players) cannot recover any share/secret from any subset of subshares generated in this phase. Thus, shares and the secret are protected. In other words, if multiple players decide to act maliciously, no one can get the secret. On the other hand, since we assume that there exist at least \(k=\left\lceil \frac{n}{2}\right\rceil\) players who are honest, this ensures that each share can be recovered successfully by subshares of honest players.
Fairness
In the second phase, shares are revealed asynchronously. If any player decides to reveal a fake share, Petersen’s VSS can detect this fake shares. Assuming that most players are always honest. The shares are divided into subshares using polynomials having degree k − 1 in the first phase. Thus, any share can be recovered by the subset of subshares of honest players. Note that whether a player is honest or dishonest in revealing his share/subshare can be determined by other players using Petersen’s commitments generated by the dealer and the owner of the share previously. Moreover, if any player decides not to reveal any share, same procedure can be applied to recover the share and the secret. In summary, players acting maliciously in this phase will not affect all other honest players to restore the secret.
Undeniability
The undeniable feature is provided in the first phase by employing Petersen’s VSS to share each share of player. After completing the first phase, no player can deny to reveal the real share in the second phase since any malicious action is useless. The share can always be recovered by the majority of players. This feature of undeniability encourages players in the secret reconstruction to act honestly in revealing their shares in the second phase.
Efficiency analysis
This section will analyze the efficiency property of the proposed RSS protocol, which have been defined in Properties section.
Efficiency
At the beginning of each phase, each player needs to compute and release values to others. But there has no interaction among players to verify subshares. In the first phase, each player needs to execute 2(k − 1) modular exponentiations to compute his commitments and 2(k + 1) modular exponentiations to verify each pair of subshares. Overall, each player needs 2(k − 1) + 2(n − 1)(k + 1) modular exponentiations. In the second phase, each player needs t + 1 modular exponentiations to verify each share of other player. Overall, each player needs (n − 1)(t + 1) modular exponentiations to verify all shares from other players.
Conclusion
The existing communication networks in UCE are asynchronous networks in which multiple users cannot transmit their messages simultaneously. The asynchronous transmission can cause security problems. An informationtheoretic RSS is proposed in this paper for secure group communications in UCE. This RSS can be deployed in an asynchronous network. Our design uses Petersen’s VSS to allow each player to divide his share obtained from the dealer originally and shared with all other players before revealing it to the public. This feature encourages all players to reveal their shares honestly since any malicious behavior (i.e., either revealing a fake share or refusing to release one) is useless. The proposed scheme is practically valuable for secure grouporiented application in UCE.
Availability of data and materials
The data used to support the findings of this study are included within the article.
References
Hu R, Yan Z, Ding W et al (2020) A survey on data provenance in IoT. World Wide Web 23:1441–1463. https://doi.org/10.1007/s11280019007461
Huang Z, Wang Q (2020) A PUFbased unified identity verification framework for secure IoT hardware via device authentication. World Wide Web 23:1057–1088. https://doi.org/10.1007/s1128001900677x
He J, Rong J, Sun L et al (2020) A framework for cardiac arrhythmia detection from IoTbased ECGs. World Wide Web. https://doi.org/10.1007/s11280019007769
Hong H, Sun Z (2018) Sharing your privileges securely: a keyinsulated attribute based proxy reencryption scheme for IoT. World Wide Web 21:595–607. https://doi.org/10.1007/s1128001704758
Peng C, Luo M, Li L, Choo KKR, He D (2021) Efficient certificateless online/offline signature scheme for wireless body area networks. IEEE Internet Things J 18(8):14287–14298
Shen J, Yang H, Vijayakumar P, Kummar N (2021) A privacypreserving and untraceable group data sharing scheme. IEEE Trans Depend Secure Comput. https://doi.org/10.1109/TDSC.2021.3050517
Qiu S, Wang D, Xu G, Kumari S (2022) Practical and provably secure threefactor authentication protocol based on extended chaoticmaps for Mobile lightweight devices. IEEE Trans Dependable Secure Comput 19(2):1338–1351
Han J, Chen L, Schneider S, Treharne H, Wesemeyer S (2021) Privacypreserving electronic ticket scheme with attributebased credentials. IEEE Trans Dependable Secure Comput 18(4):1836–1849
Jiang Q, Zhang X, Zhang N, Tian Y, Ma X, Ma J (2021) Threefactor authentication protocol using physical Unclonable function for IoV. Comput Commun 173:45–55. https://doi.org/10.1016/j.comcom.2021.03.022
Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613
Asmuth C, Bloom J (1983) A modular approach to key safeguarding. IEEE Trans Inf Theory IT29(2):208–210
Blakley GR (1979) Safeguarding cryptographic keys. In: Managing Requirements Knowledge, International Workshop on. IEEE Computer Society, pp 313–313
Halpern J, Teague V (2004) Rational secret sharing and multiparty computation: extended abstract. In: Proceedings of the thirtysixth annual ACM symposium on Theory of computing  STOC ‘04, pp 623–632
Fuchsbauer G, Katz J, Naccache D (2010) Efficient rational secret sharing in standard communication networks. In: Theory of Cryptography Conference. Springer, Berlin, Heidelberg, pp 419–436
Ong SJ, Parkes DC, Rosen A et al (2009) Fairness with an honest minority and a rational majority. In: Theory of Cryptography Conference. Springer, Berlin, Heidelberg, pp 36–53
Tartary C, Wang H, Zhang Y (2011) An efficient and information theoretically secure rational secret sharing scheme based on symmetric bivariate polynomials. Int J Found Comput Sci 22(6):1395–1416
Harn L, Iin CL, Li Y (2015) Fair secret reconstruction in (t, n) secret sharing. J Inform Secur Appl 23:1–7
Moses WK Jr, Rangan CP (2011) Rational secret sharing over an asynchronous broadcast channel with information theoretic security. Int J Netw Secur Appl 3(6):1–18
Lin HY, Harn L (1995) Fair reconstruction of a secret. Inf Process Lett 55(1):45–47
Maleka S, Shareef A, Rangan C P (2008) Rational secret sharing with repeated games. In: International Conference on Information Security Practice and Experience. Springer, Berlin, Heidelberg, pp 334–346
Pedersen TP (1991) Noninteractive and informationtheoretic secure verifiable secret sharing. In: Annual international cryptology conference. Springer, Berlin, Heidelberg, pp 129–140
Chor B, Goldwasser S, Micali S, Awerbuch B (1985) Verifiable secret sharing and achieving si multaneity in the presence of faults. In: Proc. 26th FOCS. IEEE, Piscataway, pp 383–395
Benaloh JC (1986) Secret sharing homomorphisms: Keeping shares of a secret secret. In: Conference on the theory and application of cryptographic techniques. Springer, Berlin, Heidelberg, pp 251–260
Feldman P (1987) A practical scheme for verifiable secret sharing. In: Proceedings of the 28th Annual IEEE Symposium on Foundations of Computer Science. IEEE, New York, pp 427–438
Stadler M (1996) Publicly verifiable secret sharing. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg, pp 190–199
Schoenmakers B (1999) A simple publicly verifiable secret sharing scheme and its application to electronic voting. In: Annual International Cryptology Conference. Springer, Berlin, Heidelberg, pp 148–164
Peng A, Wang L (2010) One publicly verifiable secret sharing scheme based on linear code. In: Proceeding of 2nd Conference on Environmental Science and Information Application Technology, pp 260–262
Paillier P (1999) Publickey cryptosystems based on composite degree residuosity classes. In: International conference on the theory and applications of cryptographic techniques. Springer, Berlin, Heidelberg, pp 223–238
Ruiz A, Villar JL (2005) Publicly verifiable secret sharing from Paillier’s cryptosystem. In: Proceedings of WEWoRC ‘05, LNI P74, pp 98–108
Tian Y, Peng C, Ma J (2012) Publicly verifiable secret sharing schemes using bilinear pairings. Int J Netw Secur 14(3):142–148
Wu T, Tsenga Y (2011) A pairingbased publicly verifiable secret sharing scheme. J Syst Sci Complex 24(1):186–194
Acknowledgements
I would like to express my very great appreciation to all researchers for their valuable and constructive suggestions during the planning and development of this research work.
Funding
This work was partially supported by the National Natural Science Foundation of China (Grants Nos. 62172181, 62072133) and the key projects of Guangxi Natural Science Foundation (no. 2018GXNSFDA281040).
Author information
Authors and Affiliations
Contributions
The authors confirm contribution to the paper as follows: study conception and design: Chingfang Hsu, Lein Harn; data collection: Zhe Xia; analysis and interpretation of results: Chingfang Hsu, Zhe Xia; draft manuscript preparation: Chingfang Hsu. Lein Harn, Zhe Xia. All authors reviewed the results and approved the final version of the manuscript.
Corresponding author
Ethics declarations
Ethics approval and consent to participate
Not applicable.
Consent for publication
Not applicable.
Competing interests
The authors declared that they have no conflicts of interest to this work.
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Hsu, C., Harn, L., Xia, Z. et al. Informationtheoretic secure rational secret sharing in asynchronous networks for untrusted cloud environments. J Cloud Comp 11, 89 (2022). https://doi.org/10.1186/s13677022003649
Received:
Accepted:
Published:
DOI: https://doi.org/10.1186/s13677022003649