We present a new protocol to perform non-interactive verifiable secret redistribution (VSR) for secrets distributed with Shamir's secret sharing scheme. We base our VSR protocol on Desmedt and Jajodia's redistribution protocol for linear secret sharing schemes, which we specialize for Shamir's scheme. We extend their redistribution protocol with Feldman's non-interactive verifiable secret sharing scheme to ensure that a SUBSHARES-VALID condition is true after redistribution. We show that the SUBSHARES-VALID condition is necessary but not sufficient to guarantee that the new shareholders have valid shares, and present an additional SHARES-VALID condition.

14 pages

Return to: SCS Technical Report Collection
School of Computer Science homepage

This page maintained by reports@cs.cmu.edu