Publication 1998 Issue No. 9 - September Abstract - Access Control and Signatures via Quorum Secret Sharing
Access Control and Signatures via Quorum Secret Sharing
September 1998 (vol. 9 no. 9)
pp. 909-922
 ASCII Text x Moni Naor, Avishai Wool, "Access Control and Signatures via Quorum Secret Sharing," IEEE Transactions on Parallel and Distributed Systems, vol. 9, no. 9, pp. 909-922, September, 1998.
 BibTex x @article{ 10.1109/71.722223,author = {Moni Naor and Avishai Wool},title = {Access Control and Signatures via Quorum Secret Sharing},journal ={IEEE Transactions on Parallel and Distributed Systems},volume = {9},number = {9},issn = {1045-9219},year = {1998},pages = {909-922},doi = {http://doi.ieeecomputersociety.org/10.1109/71.722223},publisher = {IEEE Computer Society},address = {Los Alamitos, CA, USA},}
 RefWorks Procite/RefMan/Endnote x TY - JOURJO - IEEE Transactions on Parallel and Distributed SystemsTI - Access Control and Signatures via Quorum Secret SharingIS - 9SN - 1045-9219SP909EP922EPD - 909-922A1 - Moni Naor, A1 - Avishai Wool, PY - 1998KW - Quorum systemsKW - replicationKW - secret sharingKW - securityKW - cryptography.VL - 9JA - IEEE Transactions on Parallel and Distributed SystemsER -

Abstract—We suggest a method of controlling the access to a secure database via quorum systems. A quorum system is a collection of sets (quorums) every two of which have a nonempty intersection. Quorum systems have been used for a number of applications in the area of distributed systems. We propose a separation between access servers, which are protected and trustworthy, but may be outdated, and the data servers, which may all be compromised. The main paradigm is that only the servers in a complete quorum can collectively grant (or revoke) access permission. The method we suggest ensures that, after authorization is revoked, a cheating user Alice will not be able to access the data even if many access servers still consider her authorized and even if the complete raw database is available to her. The method has a low overhead in terms of communication and computation. It can also be converted into a distributed system for issuing secure signatures. An important building block in our method is the use of secret sharing schemes that realize the access structures of quorum systems. We provide several efficient constructions of such schemes which may be of interest in their own right.

[1] D. Agrawal and A.E. Abbadi, An Efficient and Fault-Tolerant Solution for Distributed Mutual Exclusion ACM Trans. Computing Systems, vol. 9, no. 1, pp. 1-20, 1991.
[2] D. Beaver and A. Wool, "Quorum-Based Secure Multi-Party Computation," Proc. Advances in Cryptology—EUROCRYPT '98, K. Nyberg, ed., pp. 375-390,Espoo, Finland, May 1998.
[3] A. Beimel and B. Chor, "Universally Ideal Secret Sharing Schemes," Proc. Advances in Cryptology—CRYPTO '92, pp. 183-195, 1992.
[4] J. Benaloh and J. Leichter, "Generalized Secret Sharing and Monotone Functions," Proc. Advances in Cryptology—CRYPTO '88, pp. 27-36, 1988.
[5] G.R. Blakley, "Safeguarding Cryptographic Keys," Proc. AFIPS, Nat'l Computer Conf., vol. 48, pp. 313-317, 1979.
[6] C. Blundo, A. De Santis, L. Gargano, and U. Vaccaro, "On the Information Rate of Secret Sharing Schemes," Proc. Advances in Cryptology—CRYPTO '92, pp. 148-167, 1992.
[7] E.F. Brickell and D.M. Davenport, "On the Classification of Ideal Secret Sharing Schemes," Proc. Advances in Cryptology—CRYPTO '89, pp. 278-285, 1990.
[8] S.Y. Cheung, M.H. Ammar, and M. Ahamad, "The Grid Protocol: A High Performance Scheme for Maintaining Replicated Data," IEEE Trans. Knowledge and Data Eng., vol. 4, no. 6, pp. 582-592, 1992.
[9] S.B. Davidson, H. Garcia-Molina, and D. Skeen, "Consistency in Partitioned Networks," ACM Computing Surveys, vol. 17, no. 3, pp. 341-370, Sept. 1985.
[10] A. De Santis, Y. Desmedt, Y. Frankel, and M. Yung, "How to Share a Function Securely," Proc. 26th ACM Symp. Theory of Computing (STOC), pp. 522-533, 1994.
[11] Y. Desmedt and Y. Frankel, Shared Generation of Authenticators and Signatures Proc. Advance in Cryptology (Crypto '91), pp. 457-469, 1991.
[12] C. Dwork and M. Naor, "An Efficient Existentially Unforgeable Signature Scheme and Its Applications," Advances in Cryptology—CRYPTO '94, Y.G. Desmedt, ed., pp. 234-246, 1994.
[13] A. Fu, "Enhancing Concurrency and Availability for Database Systems," PhD thesis, Simon Fraser Univ., Burnaby, B.C., Canada, 1990.
[14] H. Garcia-Molina and D. Barbara, “How to Assign Votes in a Distributed System,” J. ACM, vol. 32, no. 4, pp. 841-860, Oct. 1985.
[15] O. Goldreich, "Two Remarks Concerning the Goldwasser-Micali-Rivest Signature Scheme," Advances in Cryptology—CRYPTO '86, A.M. Odlyzko, ed., pp. 104-110, 1987.
[16] O. Goldreich, "Foundations of Cryptography (Fragments of a Book)," Electronic Colloquium on Computational Complexity, 1995. Electronic Publication:http://www.eccc.uni-trier.de/eccc/info/ECCC-Books eccc-books.html.
[17] O. Goldreich, S. Goldwasser, and S. Micali, "How to Construct Random Functions," J. ACM, vol. 33, pp. 792-807, 1986.
[18] S. Goldwasser, S. Micali, and R. Rivest, "A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks," SIAM J. Computing, vol. 17, no. 2, 1988.
[19] L. Gong, "Increasing Availability and Security of an Authentication Service," IEEE J. Selected Areas Comm., vol. 11, no. 5, pp. 657-662, 1993.
[20] L. Gong and P. Syverson, "Fail-Stop Protocols: An Approach to Designing Secure Protocols," Proc. Fifth Conf. Dependable Computing for Critical Applications (DCCA), pp. 44-55, Sept. 1995.
[21] M.P. Herlihy, "Replication Methods for Abstract Data Types," PhD thesis, Massachusetts Inst. of Technology, MIT/LCS/TR-319, 1984.
[22] M.P. Herlihy and J.D. Tygar, "How to Make Replicated Data Secure," Proc. Advances in Cryptology—CRYPTO '87, pp. 379-391, 1988.
[23] T. Ibaraki and T. Kameda, "A Theory of Coteries: Mutual Exclusion in Distributed Systems," IEEE Trans. Parallel and Distributed Systems, vol. 4, pp. 779-794, July 1993.
[24] M. Ito, A. Saito, and T. Nishizeki, "Secret Sharing Schemes Realizing General Access Structure," Proc. IEEE Global Telecomm. Conf. (Globecom '87), pp. 99-102, 1987.
[25] S. Jajodia and D. Mutchler, “Dynamic Voting Algorithms for Maintaining the Consistency of a Database,” ACM Trans. Data Systems, vol. 15, no. 2, pp. 230-280, June 1990.
[26] M. Karchmer and A. Wigderson, "On Span Programs," Proc. Structures in Complexity Theory, pp. 102-111, 1993.
[27] H. Krawczyk, "Secret Sharing Made Short," Proc. Advances in Cryptology—CRYPTO '93, pp. 136-146, 1994.
[28] A. Kumar, “Hierarchical Quorum Consensus: A New Algorithm for Managing Replicated Data,” IEEE Trans. Computers, vol. 40, no. 9, pp. 996-1,004, Sept. 1991.
[29] D.E. Loeb, "The Fundamental Theorem of Voting Schemes" J. Combinational Theory, Series A, vol. 7, no. 1, pp. 120-129, 1996.
[30] L. Loväsz, "Coverings and Colorings of Hypergraphs," Proc. Fourth Southeastern Conf. Combinatorics, Graph Theory, and Computing, pp. 3-12, 1973.
[31] M. Luby, Pseudorandomness and Cryptographic Applications.Princeton, N.J.:, Princeton Univ. Press, 1996.
[32] M. Maekawa, “A$\sqrt N$Algorithm for Mutual Exclusion in Decentralized Systems,” ACM Trans. Computer Systems, vol. 3, no. 2, pp. 145-159, May 1985.
[33] S. Micali and R. Sidney, "A Simple Method for Generating and Sharing Pseudo-Random Functions for Applications to Clipper-Like Key Escrow Systems," Advances in Cryptology—CRYPTO '95, D. Coppersmith, ed., pp. 185-196, 1995.
[34] B. Monjardet, "Charactérisation desÉléments Ipsoduaux du Treillis Distributif Libre," C.R. Academie de Science Paris, série A, vol. 274, pp. 12-15, 1972.
[35] S.J. Mullender and P.M.B. Vitányi, "Distributed Match-Making," Algorithmica, vol. 3, pp. 367-391, 1988.
[36] M. Naor and A. Wool, “The Load, Capacity and Availability of Quorum Systems,” SIAM J. Computing, vol. 27, no. 2, pp. 423-447, Apr. 1998.
[37] D. Peleg and A. Wool, The Availability of Quorum Systems Information and Computation, vol. 123, no. 2, pp. 210-223, 1995.
[38] D. Peleg and A. Wool, "The Availability of Crumbling Wall Quorum Systems," Discrete Applied Math., vol. 74, no. 1, pp. 69-83, Apr. 1997.
[39] D. Peleg and A. Wool, "Crumbling Walls: A Class of Practical and Efficient Quorum Systems," Distributed Computing, vol. 10, no. 2, pp. 87-98, 1997.
[40] M. Raynal, Algorithms for Mutual Exclusion. NorthOxford Academic, 1986.
[41] M.K. Reiter and K.P. Birman, "How to Securely Replicate Services," ACM Trans. Programming Language Systems, vol. 16, no. 3, pp. 986-1,009, 1994.
[42] A. Delis and N. Roussopoulos, "Management of Updates in the Enhanced Client-Server DBMS," Proc. 14th IEEE Int'l Conf. Distributed Computing Systems,Poznan, Poland, June 1994.
[43] A. Shamir, "How to Share a Secret," Comm. ACM, vol. 22, no. 11, pp. 612-613, 1979.
[44] G.J. Simmons, ed., Contemporary Cryptology: The Science Of Information Integrity.Piscataway, N.J.: IEEE Press, 1992.
[45] B. Simons, J.L. Welch, and N. Lynch, "An Overview of Clock Synchronization," Fault-Tolerant Distributed Computing, B. Simons and A. Spector, eds. Springer-Verlag, 1990.
[46] J. Steiner, B.C. Neuman, and J.L. Schiller, "Kerberos: An Authentication Service for Open Networks," Proc. Winter USENIX Conf.,Dallas, Tex., 1988.
[47] R.H. Thomas, “A Majority Consensus Approach to Concurrency Control,” ACM Trans. Database Systems, vol. 4, no. 2, pp. 180-209, June 1979.
[48] L.G. Valiant, "Short Monotone Formulae for the Majority Function," J. Algorithms, vol. 5, pp. 363-366, 1984.
[49] T.W. Yan and H. Garcia-Molina, "Distributed Selective Dissemination of Information," Proc. Third Int'l Conf. Parallel and Distributed Information Systems, pp. 89-98, 1994.

Index Terms:
Quorum systems, replication, secret sharing, security, cryptography.
Citation:
Moni Naor, Avishai Wool, "Access Control and Signatures via Quorum Secret Sharing," IEEE Transactions on Parallel and Distributed Systems, vol. 9, no. 9, pp. 909-922, Sept. 1998, doi:10.1109/71.722223