Summary: Efficient Dynamic-Resharing "Verifiable Secret Sharing"
Against Mobile Adversary
March 25, 1995
We present a novel efficient variant of Verifiable Secret Sharing (VSS) where the dealing of
shares is dynamically refreshed (without changing or corrupting the secret) against the threat of
the recently considered mobile adversary that may control all the trustees, but only a bounded
number thereof at any time period.
VSS enables a dealer to distribute its secret to a set of trustees, so that they are assured that
the sharing is valid and that they can open it later, and further no small group of trustees can
open it prematurely. Recently, such sharing of cryptographic tools gained much attention, e.g., in
the context of "escrowed cryptography" where a user enables a group of trustees to potentially
open its information (when authorized by the court). Our dynamic-sharing VSS allows for
mobile adversary attacking different sets of trustees at different time periods (modeling, e.g.,
network viruses that get spread as well as get killed).
Technically, we concentrate on simple direct methods that are combinatorial and number-
theoretic in nature, and employ only simple public-key functions (and no other cryptographic