Search Results

1. E. Hyytiä, Hybrid Secret Key Escrow Mechanisms as Counters, in 1st International Workshop on Security and Communication Networks (IWSCN), 2009, Trondheim, Norway (link)(bib)

   Abstract: Many of the cryptographic primitives can be used in several ways. One interesting application of the Shamir's secret sharing scheme in the context of privacy aware traffic monitoring is to escrow a secret key after m suspicious events have been observed [1]. In the proposed system a so-called front-end component encrypts the monitored data traffic, which is then stored at the back-end. At the same time, the front-end analyzes the traffic, and if suspicious packets are observed, this is indicated to the back-end by revealing one share of the corresponding encryption key. Once m suspicious events have been detected, the back-end can disclose the secret key, decrypt the particular traffic flow, and carry out further investigations. In this paper we study the secret sharing scheme as a counter at the limit when the threshold m is relatively large. We first analyze how the scheme behaves as m approaches the maximum possible value of p-1, where p is a prime number (design parameter). Then, we also analyze a probabilistic version developed to overcome the limited counting range or excessive reporting overhead by revealing shares only with a certain probability after each event, and provide expressions describing the resulting inaccuracy from the introduced randomness. Finally, we also propose a novel solution to mitigate the otherwise detoriating performance by using a forward error correction scheme similar to LT-codes to encode the shared secret revealing process.