TY - JOUR
T1 - Revisiting group oriented secret sharing schemes
AU - Xu, Rui
AU - Wang, Xu
AU - Morozov, Kirill
AU - Cheng, Chi
AU - Ding, Jintai
N1 - Publisher Copyright: © 2021 Elsevier Inc.
PY - 2022/4
Y1 - 2022/4
AB - In a (t,n) threshold scheme any t or more shares can reconstruct the secret s, but fewer than t shares reveal no information about s. However, an unauthenticated adversary can pretend to be a shareholder at the reconstruction stage. If there are more than t honest shareholders, the unauthenticated adversary without a valid share can obtain the secret. To deal with this type of attack, a model of (t,m,n) group oriented secret sharing (GOSS) scheme was proposed by Miao et al. in 2015. Here the group oriented property means that if m>t parties try to reconstruct the secret, they should all have the authentic shares in advance. It was claimed by Miao et al. that the group oriented property in their GOSS schemes holds in the information-theoretic sense. In this paper, we revisit two instantiations of (t,m,n) group oriented secret sharing schemes and show that these constructions cannot provide the so-called “group oriented property”. Specifically, we develop concrete attacks which allow an unauthenticated adversary with no valid share to participate in the reconstruction phase and obtain the secret provided that there are at least t honest shares presented at the reconstruction phase.
KW - Cryptanalysis
KW - Group oriented secret sharing
KW - LWE
KW - Secret sharing
UR - http://www.scopus.com/inward/record.url?scp=85122682636&partnerID=8YFLogxK
U2 - 10.1016/j.ins.2021.12.053
DO - 10.1016/j.ins.2021.12.053
M3 - Article
AN - SCOPUS:85122682636
SN - 0020-0255
VL - 589
SP - 751
EP - 769
JO - Information Sciences
JF - Information Sciences
ER -