In this paper, we constructed (2, 7)-anonymous threshold scheme from the (49, 56, 8, 7, 1) Resolvable Balanced Incomplete Block Design (RBIBD) using MATLAB codes. The (2, 7)-anonymous threshold scheme was then applied to Result Processing Scheme in the Department of Statistics, University of Ibadan. The scheme developed satisfied the security requirements of authenticity, integrity and verifiability thus making it better than the scheme currently being used in the Department.
Keeping secrets is as old as man. In the early times, human beings kept secrets by inscribing special writings on rocks and walls, keeping of special articles in earthen wares and burying underground etcetera. This has changed drastically today where secrets are kept today using advanced forms of computer technology. Most of our personal information are now on the databases of government, banks, healthcare institutions and other organisations. When these secrets are properly managed, our lives, businesses, political activities and so on are ultimately protected. Secure key management has been an active area of research since the independent works of [1] and [2].
Secret sharing is a method of dividing a secret among a set of { } of n participants. Each of the participants is given a part (share) of the secret in such a way that only certain specified (qualified) subsets of the n participants can reconstruct the secret by combining their shares while certain set of participants gets no information about the secret even when they combine their shares [3].
Variants of secret sharing schemes abound in literature. These include the works of [4], [5], [6], [7], [8], [9], [10] among others. Some applications of secret sharing schemes, which include private proximity testing and recursive information hiding, can be found in [11] and [12].
A perfect threshold scheme is defined by [13] as follows: Suppose that t and w are integers such that . A perfect -threshold scheme is a method of sharing a secret value among a finite set { } of participants in such a way that any participants can compute the value of but no group of (or fewer) participants can compute any information about the value of from the information they hold collectively.
Anonymous threshold schemes were first investigated by [14]. In an anonymous threshold scheme, the secret can be reconstructed without knowledge of which participants hold which shares. The computation of the secret can be carried out by giving the shares to a black box that does not know the identities of the participants holding those shares, [15]. According to [16], the scheme can be used to provide access to a secure area because security is provided without any need for a separate identification protocol. Ideal anonymous secret sharing schemes were investigated by [17]. In this scheme, the size of the shares given to each participant is equal to the size of the secret. They also proved that an ideal anonymous -threshold scheme can be realized if and only if . The -threshold scheme was characterized by [18] in terms of a regular difference family while [19] constructed anonymous secret sharing schemes using combinatorial designs.
A perfect (t, w)-threshold scheme is an anonymous threshold scheme if the following two properties are satisfied: 1. the w participants receive w distinct shares, 2. the secret can be computed solely as a function of t shares, without the knowledge of which participant holds which share.
Let be positive integers such that . A BIBD is a pair such that: is a set of elements called points is a collection of subsets of called block Each block contains exactly points Every pair of distinct points is contained in exactly blocks
3.2.1 Definition: [13] Suppose is a -BIBD. A parallel class in is a subset of disjoint blocks from whose union is . A partition of into parallel classes is called a resolution, and is said to be a resolvable BIBD if has at least one resolution. In an RBIBD, each point occurs exactly one block in each part of the partition (or parallel class)
An example of a resolvable BIBD is the displayed in Table 1. Each column is a parallel class. The two System Analysts ensure that the students' registration details and results are correctly stored on the system. The program used for computing the results was developed by a trusted computer programmer who is not a member of the University community. The HOD, Examination Officer, the final year level adviser and the two system analysts were all trained to handle the program. Each of them is assumed to be trustworthy and each has individual password that give them access to the program. There is also a wireless intranet provision that allows these five members to connect their personal laptops to the main computer system and the result computation can only be done in the office where the main computer system is located. Any of these five members can therefore access the program and compute results, once he/she gains access to the Office.
The following illustration, from [13] showed that -RBIBD can be used to construct anonymous (2, w)-threshold schemes. Suppose that is a , then there are parallel classes, , in the RBIBD. The Dealer chooses a secret value from a specified set of secrets . This implies that there are possible secrets to choose from. The Dealer shares the secret value among the set of participants with the assumption that . To share the secret K, gives some partial information, called a share, from a specified share set , to each of the participants. The share set has cardinality . (X, A) and its resolution are known to all the participants. To share secret , , chooses a random block and gives the points in to the participants, each of the participants receiving one point. Assume that any two participants with shares and want to obtain the secret, recall that (X, A) is a BIBD with λ = 1, then there is a unique block such that . Thus, the two shares can be used to find the parallel class that contains and the secret is revealed as . The scheme is anonymous because the computation of the secret depends on the shares and not on the identities of the shareholders. The security of the scheme is guaranteed because any one share cannot lead to the determination of the secret key to the program. Also, the authenticity, integrity and verifiability requirements for the scheme are satisfied since any two participants must submit their shares to the machine in order to have access to the program.
was selected from a list of RBIBDs in [21] because of its suitability to the application area. An algorithm with five cell executions was written in MATLAB to generate the parallel classes for . The steps taken in the generation of the parallel classes are illustrated with the aid of the workflow chart in Figure 1 while the parallel classes for the RBIBD are displayed in Table 2. . This implies that there are possible secrets to choose from. shares the secret value among the set of participants with the assumption that . The share set has cardinality . The RBIBD and its resolution are known to the 7 participants. In sharing the secret , , chooses a random block and gives the points in to the participants, each of the participants receiving one point. Assume that any 2 of the 7 participants with shares and want to obtain the secret, recall that this RBIBD has its λ = 1, then there is a unique block such that . Thus, the parallel class that contains is determined and the secret is revealed as . The (2,7)-anonymous threshold scheme described above is applied as follows: Assume that a seven (7) member committee, , coordinates result-related issues for students in the Department. The committee comprises of the Head of Department (1), the Examination Officer (1), the Level Advisors (4) and the System Analyst (1). Assume that a trusted dealer , a third party outside the Department, wrote the computer program that computes students' results. To prevent unauthorized access to the program, he devised a Anonymous Scheme that allows at least any two of the seven member committee access to the program. shares the secret key among the committee members such that each member receives a distinct share and the identity of each shareholder is not linked to their respective shares. To reconstruct the secret, any two members submit their shares to the machine, the shares are kept secret by the machine, the secret key is obtained and access is thus provided to the two members. For example, if wants to share the secret key among the 7 participants, picks a random block in , (say {2 11 2 2 31 46 }). These are distributed to members of the committee in such a way that each member is not linked to their respective shares. Any two of the shares e.g. 2 and 2 can be used to reveal the secret. This is because the unique block containing 2 and 2 is {2 11 2 2 31 46 } and the parallel class that contains this block is . So, the secret is .
Since any one member cannot access the program to compute the students' results, the scheme ensures that the security requirements of authenticity, integrity and verifiability for the scheme are satisfied. Thus, the scheme is preferable to the one being used in the Department.
Secret sharing schemes are used for increasing the security of important information. Different secret sharing schemes abound in literature one of which is Anonymous threshold scheme. In this paper, the (2,7) anonymous threshold scheme was constructed from the (49, 56, 8, 7, 1) RBIBD. The (2, 7) anonymous threshold scheme was then applied to Result Processing System in the Department of Statistics, University of Ibadan. The scheme developed satisfied the security requirements of authenticity, integrity and verifiability since a single participant cannot have access to the program used for computing the students' result. This makes the scheme better than the one currently being used in the Department.