1 Introduction

Due to the increase demand on information technology and multimedia communication, information security is being very important aspect. Many techniques have been developed and proposed to increase the security of information [18]. Some focused on scrambling the multimedia information not to be useful such as cryptography based mainly on mathematical concepts and special arithmetic operations [12] based on different Galois Fields (GF) arithmetic [6]. Other security techniques focused on hiding the information itself such as steganography, which also showed different variations based on the hiding schemes [1]. Some implemented the security features on general software platforms while others dedicated hardware modules for it, showing interesting security achievements [7]. These security techniques are focusing on the idea that one person is controlling the secrecy of information. Nowadays, some applications are found popular requiring security to be performed by several persons, where technical proof of sharing the secrecy is a must. This idea is known as the Secret-sharing [19], which is one of these techniques that are getting more attention among security, cryptography, and steganography area. It is needed for many applications where essential software or e-resources has to be really secured or cannot be reveled easily except by physical agreement and human interaction [3].

Secret sharing schemes are becoming more important for storing information that is highly sensitive with big affect [21]. Examples include encryption keys, missile launch control, and numbered bank accounts, where access of each of these must be kept collectively top confidential, as their exposure could be disastrous. Traditional methods of encryption and normal cryptography achieve high levels of confidentiality and reliability [9], but lack the real collectivity access of decision making [19]. This is because when storing the encryption key, one alone must choose between keeping a single copy of the key in a location for maximum secrecy, or keeping multiple copies of the key in different locations for greater reliability [3]. In fact, increasing reliability of the key by storing multiple copies lowers confidentiality by creating additional attack possibilities. Also, there are more opportunities for a copy to fall into wrong participants hands. Secret sharing schemes address this problem specifically, and allow arbitrarily high levels of confidentiality and reliability to be achieved.

Secret sharing schemes are becoming important in cloud computing media. Thus shares of a key can be distributed over many servers by a threshold secret sharing mechanism. The key, i.e. target key, is then reconstructed as needed. In other words, secret sharing can be studied as the method of distributing the ownership of a secret target key amongst a group of participants, each of whom is allocated a share of this secret. The secret can be reconstructed only when a sufficient number of shares are combined together, whereas individual shares cannot be useful on their own [19].

The secret sharing scheme is a tool can be used in many cryptographic protocols. It is dedicated for assisting key management security and authentication [8]. In secret-sharing, a secret target-key TK is split into n useful shares, which are distributed by a dealer to a number of participants [21]. In theory, the target key TK can be reformed in A collection A of subsets, however, not all A is useful as appropriate secret shares for our TK combination function. The useful share from set A is labeled as n, where any threshold subset, i.e. k out of n can reconstruct the target-key TK from its shares. In order to reconstruct the target-key, these k∈n shares must be merged together in a specific combination. The reconstruction main concern is that any group of k shares or more (k is the threshold) can together be merged to get the secret TK, but no group of fewer than k participants can. Also, repetition of a share is not allowed in the reconstruction process resulting in false TK output. Such a system is called a (k, n) - or k out of n - secret sharing threshold scheme. The process of reconstructing the target-key TK from an access structure is called a combiner or target-key TK reconstruction. To be concise with the literature, the main two properties that any secret sharing scheme has to fulfill are:

  • Recoverability: where the target-key TK can be reconstructed given any k shares.

  • Secrecy: where no information can be known about TK given any number of shares < k.

The idea was first introduced by George Blakley [3] as well as Adi Shamir [19] both in 1979. Since then, Different efficient schemes were proposed as classified in the next section showing many different flavors. We propose a new secret-sharing scheme that works based on recovering the target-key TK via counting the ones of the k shares in parallel. The applicable k secret shares are placed with their bits in parallel allowing their ones to be counted, i.e. in parallel, making the resulting secret output one if the threshold is passed. The work details the method model and simulates it adopting two different secret shares generation techniques, i.e. focusing on 1-bit one, or 2-bits ones, where both are studied showing promising results.

The paper is organized as follows. Section 2 covers the related work literature survey. It discusses different classifications of secret sharing schemes followed by examples of secret-sharing applications presented in Section 3. The examples are given to show the great benefit of the proposed secret sharing technique to applications such as securing bank sensitive accounts and error tracking, voting systems trust, medical agreement, wills and inheritance authentication management. Section 4 proposes our counting-based secret-sharing scheme. Then, Section 5 presents the modeling and simulation that is elaborating on the two variations proposed for secret shares generation. Section 6 discusses the proposed method comparisons elaborating on the benefits and drawbacks of every model variation detailing their effect on the security level. Finally, the paper is concluded in Section 7.

2 Related background of secret-sharing schemes

Secret-sharing schemes can be classified based on five different bases, where some are related toward this research more than others. The five secret-sharing schemes can be classified based on number of shared secrets, based on share weight, based on the changeability of shares, based on the rights given to the dealer and participants, and based on the techniques used. Every classification scheme has its properties as briefly clarified in the following:

2.1 Secret-sharing based on number of shared secrets

This secret sharing classification based on number of shares is very basic and can be thought of as the ignition beginning this research area. The number of shares can reduce to only one or increase and require fair distribution to several participants. The single share is resulting into single target-key TK making it dealt with as normal simple symmetric key security system. On the other hand, more than one share, i.e. several secret shares method is the real beneficial approach motivating this entire secret sharing phenomenon, which is found motivating our proposed counting-based secret sharing technique.

To be precise, the literature shows that the secret-sharing can be classified based on number of shared secrets into:

  • Single secret: where only the target-key TK can be shared.

  • Multiple secrets: where the secret-sharing scheme allows multiple secrets to be shared.

Examples of single secret schemes include Shamir; Blakley; Mignotte; Asmuth-Bloom; Brickell; Ghodosi; Iftene; Benaloh; Feldman; Pedersen; Ingemarsson; Jackson; Martin; Steinfelda; Herzberg. Examples of multiple secret schemes include Chien; Yang; Shao; Franklin; Pang; He; Bai; and matrix projection [21].

2.2 Secret-sharing based on share weight

The secret sharing classification based on share weight giving some participants more power in target-key TK regeneration more than the others, which can known or can be kept confidential not to affect the others participation nor understanding. The analogy of this in real life can be understood in the voting system, for example, where the chairman is given the power (or weight) of two or three votes among the other participants. In other words, the secret-sharing can be classified based on share weight into:

  • Same weighted shares: where all shares have the same weight.

  • Multi-weighted shares: this can be done in two ways. The first is to assign more shares to some participants. Shamir’s hierarchical secret sharing scheme is an example of this method. In the second way, some shares contain more information about the shared secret different than other shares. An example of such interesting approach is proposed by Tassa’s scheme [20].

2.3 Secret-sharing based on the changeability of shares

Secret sharing classification based on changeability of shares affected by time combined to power of position as classified into three methods. First, for example, shares are made to expire and/or must be refreshed or regenerated after certain time, as is the common case nowadays with frequent password changing request in high security sensitive systems. This method is known here as proactive secret sharing. The second changeability secret sharing classification is the timely dynamically changing after distribution, of course adhering to certain agreement. The third classification is giving some discrimination among participants, i.e. some are given more power not to require changing their shares while others must change. This classification does not link to our proposed counting-based secret sharing technique since all participants are given the shares once not allowing any changing. To summarize this classification from out of the box, the three changeability secret-sharing methods can be briefed as follows:

  • Proactive secret sharing: here, the shares are updated periodically. Old shares are not used any more. Herzberg scheme is an example of this class [13].

  • Dynamic secret sharing: there exist two cases here. In the first, the dealer can change some access structures. In the second, some participants are given the ability to reconstruct different secrets. Two examples of this type are given in [5, 15].

  • Secret sharing with veto capability: the secret key in this class is prevented from being reconstructed. The research in [4] gives an example of this type.

2.4 Secret-sharing based on the rights given to the dealer and participants

This secret sharing classification is based on the rights given to the dealer and participants allowing reconstruction of shares based on honesty and trust. Some, i.e. the dealer and/or participants, can be given the arithmetic foundation tool to regenerate the shares as required. As this level of trust reduces, the computational tool details are kept confidential among them forbidding the recovery possibility which is out of the scope of our proposed counting-based secret sharing technique. For the completion of the study, the classification of secret-sharing based on the rights given to the dealer and participants can be briefed as follows:

  • Computational secret sharing: the computation power of the participants (and maybe the dealer as well) is bounded. For example, in the Krawczyk technique [14], the information rate allowed for a participant equals the ratio between the average length of the share and the length of the secret.

  • Verifiable secret sharing: in this technique, it is supposed that not all participants are honest. Therefore, honest participants should be able to recover the secret and dishonest ones should not get any information on it. Ogata et al. [17] adopted Shamir’s scheme to be able to detect dishonesty in secret sharing.

  • Robust secret sharing: this technique allows reconstruction of the secret in the case of corrupting some shares due to some adversary actions. An example of such techniques is given in [16].

2.5 Secret-sharing based on the techniques used

The secret-sharing can be classified depending on the arithmetic techniques used. It can also involve hardware vs. software features such as its implementation on pipelined e-security dedicated modules [8], or efficient crypto-arithmetic adders [11], avoiding the software based on polynomial or interpolation computations as well as the known Chinese Remainder Theorem [2]. It can also be computed anonymously as will be the case followed in our research proposing this counting-based secret sharing technique.

To be concise, the secret-sharing can be classified based on techniques used into:

  • Polynomial based secret sharing: which is based on polynomials and interpolations, such as Lagrange’s interpolation [19] and Brikhoff interpolation [20].

  • Chinese Remainder Theorem (CRT) based secret sharing: For example, in [2], a specific number of participants can reconstruct the secret by using CRT. In fact, CRT arithmetic can benefit from dedicated hardware with software features such as the expandable modulo multiplier presented in [10].

  • Anonymous secret sharing: in this type, the secret can be reconstructed without knowing which participants holds which share.

3 Applications of secret-sharing

There are many applications that can benefit from secret sharing. This section will list some of them especially applicable to our proposed counting-based secret sharing technique, as the following different real life examples.

3.1 Bank sensitivity accounts and error tracking

Consider sensitive bank accounts that need at least k shares from a total of n shares to reconstruct the super-password, i.e. target-key TK, to deal with important customers or companies’ accounts. It can also be used to correct human mistakes or common errors in the banking system in entering any information, which is needed to increase the accuracy percentage and show record for the error causing assistants. This system is also needed whenever a large financial deduction is to occur making the banking top management question what is happening.

3.2 Voting systems trust

When the votes are collected and the results are to be summarized, k out of n shares of officers in charge is needed to proof correctness. This is required also to give confidence to the voters that there is no possible results interpretation.

3.3 Medical agreement

Some medical results are very sensitive and needs to be observed by several medical specialists together. This scenario is best served by at least k shares from a total of n shares to reconstruct the target-key TK to open the medical testing results. It can also be useful in securing information related to deep neural network based on sparse auto-encoder for voxel-wise detection of cerebral micro-bleed as detailed in [22].

3.4 Wills and inheritance

Normally the inheritance and wills letter can be reason for problems between people involved. A good way to reduce this problem and increase trust is to put the inheritance and wills letter into secret form that cannot be observed except by availability of most involved people. Secret sharing can help by requiring at least k from n shares to be available to reconstruct the target-key TK to open and study the inheritance and wills letter.

4 Proposed counting-based secret sharing technique

The proposed secret sharing method works on constructing a set of secret shares (A) from the Target Key TK where only selected (n) secret-shares can be useful, i.e. to our technique. Note that subset n∈A is the useful shares to be distributed among application participants. Based on the user application requirements (k) shares are chosen, I mean k out of n shares, where these k are selected sufficient to be combined to reconstruct the Target Key TK. This process of combining the k shares to reconstruct TK is performed through our specific Counting-Based method. Our complete proposed counting-based secret sharing technique process can be observed within the analogy of Fig. 1.

Fig. 1
figure 1

Proposed counting-based secret sharing process

Full size image

The proposal process covers the method of generating the shares as well as the combining reconstruction scheme generating the Target Key TK. Observe Fig. 1, two options have been presented for providing the secret shares collection A where the subset n of useful shares can be selected from. The two options are named as 1-bit method or 2-bits method for secret shares generation, where both are elaborated later showing their pros and cons. Consider the k selection where k∈n shares are needed as input to the counting-based combination technique to regenerate the target key TK. As in Fig. 1, our counting-based reconstruction technique is exactly same for both 1-bit or 2-bits secret shares methods.

Note that generating the shares sizes are performed assuming that k is of same size as the Target Key TK to insure appropriate security reducing guessing probability of TK from shares. It is implicit that TK cannot be regenerated with less than k shares. It is to be mentioned that any k∈n shares can be used together as input to the combination technique inputted in parallel to reconstruct TK. The proposed technique uses our counting-based method to add up the one-bits in the same position. If the counted bits are added up to the value of k (as the threshold), then the resulted output bit is assumed 1 otherwise the resulted bit is zero. These resulted bits are combined to construct the Target Key TK needed. The proposed counting-based secret sharing method can be formulated as Algorithm-1 shown below.

figure c

The algorithm is modeled and simulated as described in Section 5. To clarify the technique algorithm concept in depth, a clarification example is detailed next followed by general examples to proof the concept more. The clarification example covers several scenarios of choosing different values of n and its threshold choice k. The example also proves the applicability of the technique to stand against the security intruders attempts.

All the different examples are considering the proposed counting-based scheme in binary format. However, the numbers are also given in hexadecimal (Hex) numbering for clarification purposes. Hex numbers are to simplify tracing the results to avoid typo errors and confusions. Providing binary as well as hexadecimal digits are to also show the user’s possible view of the numbers. We stress that what the user is going to observe cannot be related straightforwardly to the shares nor to the secret target key TK, which are simply verified via hexadecimal numbers easier than binary. In fact, not using Hexadecimal makes the readers unsure, where using Hex numbers are also preferred by many related researchers making them prefer it to follow the work and its objective in clean clear smooth flow [10].

4.1 Clarification example

To describe our proposed counting-based secret sharing technique a simplified example is used. This example is not focusing on the shares generation, i.e. how to develop n or k shares, which will be presented later in the next section as 1-bit or 2-bits shares generation methods. The focus of this example is to show the counting-based technique recombination to generate TK. The example will study the condition of assuming k = 4 combining the shares in six conditions. It will first show the two conditions to get back TK in a very formal correct circumstance as well as the scenario condition of combining shares > k. Then, the example will explain the four false (incorrect TK output) conditions of combining shares < k, involving one false (intruder) share, involving several false (intruder) shares, and condition of combining repeated shares. The assumption is studying the secret Target Key TK as: 1011 0101 1101; supposing n = 8 and k = 4.

figure d

Note that many other unsuitable shares can be listed as part of A but eliminated from n; since n will consider the shares that can be useful to be chosen as k. To be brief, not all possible shares of A are suitable, only the selected n shares are elected such that to work correctly in the proposed counting-based technique recombination to generate TK as clarified in the following cases:

  • Case 1: Condition of Combining Shares = k

Observing the n = 8 shares above, any k (k = 4 in this example case) shares are combined and their position counting of one-bits are computed as the following:

figure e

In the positions with counting result = k, i.e. counting bits = 4 in our case, that position is given a one, otherwise, a zero is placed in that location.

figure f

  • Case 2: Condition of Combining Shares > k

This system is valid even if more than k shares are combined with condition that the counting result is equal to or greater than k, i.e. counting result ≥k, such as the following:

figure g

So the condition to get the results back is to count the one-bits within the same location of the shares, whenever the counting result ≥k the output is one; otherwise the counting result <k and the output is zero.

  • Case 3: Condition of Combining Shares < k

Assume the shares available are less than k such as the example below:

figure h

The output obtained is zero, i.e. not correct, assuring that our proposed method is correct.

  • Case 4: Condition of Combining Shares and one false (intruder) share

Assume the shares available are less than k combined with one intruder false share such as the example shown below:

figure i

  • Case 5: Condition of Combining Shares and several false (intruder) shares

Assume the shares available are combined with several intruder false shares such as the example shown below:

figure j

The result shows completely wrong results which is expected.

  • Case 6: Condition of Combining Repeated Shares

figure k

The result shows completely wrong result which confirms the study expectation.

4.2 General examples as proof of concept

This general examples subsection presents different cases to clarify and compare the idea assuming simple different Target Key (TK) sizes. The study involved scenarios of variations of TK, i.e. TK = 4-bits, TK = 5-bits, TK = 6-bits, TK = 8bits, and TK = 12-bits, where the simplicity is only for describing the concept and cannot be used in real-life applications. Real-life examples need more large numbers involving minimum TK = 64-bits as password numbers involving 8 digits.

4.2.1 General Example 1 (TK = 4-Bits)

Consider the simple example of TK = 4-bits, with n = 4 shares, and k = 2 shares, where 2-keys are to be sufficient for retrieving TK. Observe the combination and their position counting of one-bits, which are computed as the following:

figure l

4.2.2 General Example 2 (TK = 5-Bits)

Assume the straightforward example of TK = 5-bits, with n = 6 shares, and k = 6 shares, such that all n = 6-keys are to be used for retrieving TK. The combination and their position counting of one-bits, which are detailed as the following:

figure m

4.2.3 General example 3 (TK = 6-Bits)

Consider the general example of TK = 6-bits, with n = 8 shares, and k = 2 shares. Observe the combination and their position counting of one-bits, which are studied as the following:

figure n

Involving Share 3 & 5, as any two shares scenario example, shows mistake, as follows:

figure o

4.2.4 General Example 4 (TK = 8-Bits)

Observe an example of TK = 8-bits, with n = 8 shares, and k = 5 shares, observe the combination and their position counting of one-bits, which are computed as the following:

figure p

The first n shares, i.e. for k = 5, are assumed to be used from our scheme can be as follows:

figure q

Note that the output only considered counting results ≥ k (5 in this case) getting correct answer.

Suppose the n shares selected are: Shares: 11,12,13,14,15, to be involved as follows:

figure r

4.2.5 General Example 5 (TK = 8-Bits)

Another complex example of TK = 8-bits, with n = 8 shares, and k = 4 shares, observe the combination and their position counting of one-bits, which are computed as the following:

figure s

Which proofed the condition to get the results back is to count the one-bits within the same location of the shares, whenever the counting result ≥k the output is one; otherwise the counting result <k and the output is zero.

figure t

We can have different shares in relation to the same TK as follows:

figure u

Consider this wrong scenario having fewer shares than needed in relation to the same TK as follows:

figure v

4.2.6 General Example 6 (TK = 12-Bits)

The final complex considered example is of TK = 12-bits, with n = 8 shares, and k = 3 shares, which is considered as a very simple real-life scenario. Observe the combination and their position counting of one-bits, which are presented as the following:

figure w

Suppose the n shares selected are: Shares: 1,2,3, to be involved as follows:

figure x

We can have different shares: 5,6,7, in relation to the same TK but giving error as follows:

figure y

The concept is that not all shares can be combined to provide the correct needed TK output. Selected shares necessitate to be verified for its validity together, then to be provided to the application for usage. A final correct shares selection scenario is given below:

figure z

5 Modeling & simulation

This section will present modeling and simulating of our counting-based secret sharing technique process. We will be covering the methods of generating the useful shares as well as the combining reconstruction scheme to generate the Target Key TK. The simulation platform used is MATLAB as briefed in next subsection. Then, the reconstruction scheme to generate the TK will be discussed. After that, the options of procedures for providing the appropriate secret shares n are presented, i.e. elaborating on the 1-bit method as well as the 2-bits method briefing their pros and cons.

5.1 Simulation platform

The proposed technique and its shares generation are all modeled via MATLAB on an Intel processor Core i7 PC of speed 2.39 GHz, Ram 8 GB, 64-bit operating system. The MATLAB code to reconstruct the target key as well as the code to generate the secret shares has been implemented in details using the available MATLAB version R2015a platform. MATLAB programming is used because of its simplicity, high-performance numerical computation, common data analysis, applicable visualization capabilities, and accessible application development tools. In addition, MATLAB functions are academically known easy to use; where a user interface function guides through the process. MATLAB also provides the ability to call external libraries, such as Open CV providing immediate access to thousands of fundamental and specialty functions written by experts. MATLAB has large user community with lots of open-access codes for knowledge sharing. Furthermore, all features found in MATLAB software platform can be documented clearly and elaborated with many examples.

5.2 Modeling counting-based secret sharing scheme to generate the target key

The proposed technique algorithm, as presented earlier in section 4, is implemented using MATLAB. The code is focusing on reconstructing the target key TK. The technique algorithm is modeled as the data-flow diagram shown in Fig. 2. The scheme interface is shown in Fig. 3 for the case of k = 2 for simplicity.

Fig. 2
figure 2

Modeling the scheme for TK reconstruction

Full size image
Fig. 3
figure 3

Implementation interface for TK reconstruction scheme

Full size image

5.3 Modeling the secret shares generation

The proposed secret sharing process (as Fig. 1) requires appropriate procedures for the n shares generation. All shares possibilities A can be easily offered where only the selected n shares are useful to our scheme, as discussed earlier. We propose two approaches for constructing the acceptable shares n for this counting-based secret sharing technique. Other different procedures for generating n shares can be thought of which are kept as open research studies to be followed as future work. The presented procedures options for providing the appropriate secret shares n are named as the 1-bit method as well as the 2-bits method. Both methods are modeled and simulated via MATLAB as follows.

5.3.1 Secret shares generation via 1-bit method

The n secret shares generation can be performed through this simple 1-bit method. The method is mainly considering the zero bits within the target key TK. Every share is selecting only one zero of TK flipping it to one producing it as a valid secret share. So every share of n is basically the target key TK but with one of its zero’s turned to one. This procedure, i.e. 1-bit method, is very simple to implement, fast to run, confirmed reliable, but limited in number of shares produced. I mean the value of n cannot be more than the number of zeros found within TK making it tight and data dependant. As the number of zeros within TK reduces, the number of n shares using this 1-bit method decreases. The method is formulated as data-flow model shown in Fig. 4. The implementation interface of the study MATLAB simulation is shown in Fig. 5 where a simplified example of TK = [1 0 0 1 0 0 1 0] is presented as below:

figure aa
Fig. 4
figure 4

Modeling the 1-bit shares generation method

Full size image
Fig. 5
figure 5

Implementation interface of running 1-bit shares generation method

Full size image

The underlined ones, i.e. within the example shares, are the changed zeros from TK. Note that this example of 1-bit shares generation method limited to number of zeros within TK is having n = 5 although the set of all possibilities of A can go theoretically to almost 28–1.

5.3.2 Secret shares generation via 2-bits method

The proposed 2-bits method for shares generation is built upon the 1-bit method as an extension. It is considering two-zeros after completing the 1-bit method one-zeros shares generation. The method begins by scanning the zeros within TK flipping them to ones as the 1-bit method followed by flipping 2-zeros per share generating applicable more shares. The only concern providing these more shares than previous 1-bit ones is its essential need for checking the values to be appropriate, i.e. useful shares before providing them to the participants. Not all the produced shares are practical for our counting-based TK reconstruction scheme. This n shares verification needs to be performed for the 2-bits method checking its applicability (to be part of n) which is not needed for the 1-bit method, as a complexity price paid to gain more shares. The method is formulated as data-flow model shown in Fig. 6.

Fig. 6
figure 6

Modeling the 2-bit shares generation method

Full size image

It is to be mentioned that other shares can be guessed and found working fine in some scenarios. However, these guessed shares cannot be confirmed appropriate for all scenarios of our counting-based secret sharing technique making avoiding them, i.e. for consistency of this 2-bits shares generation method.

To clarify the concept, the same simplified example of TK = [1 0 0 1 0 0 1 0] is used for the 2-bits method as presented below:

figure ab

The shares generated in the example above can be observed as shares 1–5 similar to result of the 1-bit method and shares 6–15 as the extension, making them all shares as output of 2-bits method. These shares generated cannot be used immediately when selecting k. The shares need to be tested for applicability, as discussed earlier, before using them. I mean the selection of n shares can change based on deciding the value of k. For our example, this testing of applicable shares to be used is found essential for k < 6. For example, assume k = 5, some useful sets of n shares to be used are:

$$ {\displaystyle \begin{array}{l}n=\left[1,2,3,4,5,6,7,8,10,11,13\right];n=\left[1,2,3,4,5,10,11,12,13,14,15\right];n=\left[1,2,3,4,5,7,8,9,10,14,15\right];\\ {}n=\left[1,2,3,4,5,6,7,8,10,11,14,15\right];n=\left[1,2,3,4,6,8,9,12,13,14,15\right];n=\left[2,3,4,7,8,9,10,12,14,15\right]\end{array}} $$

The selection test of appropriate shares can be achieved by parallel observation of the flipped bits of ones, i.e. the underlined ones within shares, counting their value to be less than k. This counting examination is consistent to the philosophy of our proposed counting-based secret sharing technique.

6 Comparison & analysis

The study implementation elaborated on the two methods of secret shares generation, i.e. 1-bit method and 2-bits method, considered for a range of Target Keys TK starting from 00 0000 (00 Hex) to 11 1111 (FF Hex). The study also considered security level of the chosen TK in relation to the possible shares generated. All the possible shares for TK [00 0000 (00 Hex) to 11 1111 (FF Hex)] generated by the software programmed simulation are summarized in Table 1. This list is further studied in this section for comparison and analysis. For example, consider in Table 1 TK = 10 0101 (25 Hex) can have only 3 possibilities using 1-bits method and 6 possibilities using 2-bits method. These shares possibilities are presented below:

figure ac
Table 1 Listing number of shares possibilities generated by proposed two methods
Full size table

It is observed clearly from the example of TK = 10 0101 (25 Hex) which is consistent to all the listed results in Table 1 that the secret shares generation in both methods depend exclusively on the available zeros within TK. This zero dependency within TK is expected in accordance to the main idea behind this proposed counting based secret sharing scheme. As the number of zeros increase, the shares to be generated get more providing options with increasing security to be utilized.

Some values in Table 1 shows the results “*error” in relation to specific TK values, such as: TK = 1F, 2F, 37, 3B, 3D, 3E, 3F. This error is declared due to the low number of zeros within TK content, i.e. just containing 1 bit of value zero or no zeros at all as in (3F). All the TK values with one zero or non are to be avoided because of the limitation in the shares generated according to this proposed counting method. Note that the one zero TK is just allowing one possible share which cannot be allowed in this system. The reconstruction of the TK back is trivially unsecure. For example, consider TK = 0 1 1 1 1 1 (1F Hex). The possible share can just be: 1 1 1 1 1 1 (3F Hex); which is also the share found for TK = 2F, 37, 3B, 3D, 3E. The TK = 3F Hex is not acceptable since no shares can be generated for it in this proposed system. To summarize, the system cannot accept TK with low number of zeros. The rule of applicable TK is that (TK number of zeros must be greater than 1) for the shares generation scheme to work with minimum security. The security level increase as the number of zeros in TK gets to be more as will be detailed next.

Note that the number of possible shares, as shown in Figs. 7 and 8, varies independent to the changing of TK value nor consistent to its homogenous increasing. It is based on the data-dependant zeros in TK building interesting security randomization view, which is considered enhancing the security of the proposed system.

Fig. 7
figure 7

Number of possible shares vs. Security for 1-bit method in relation to TK value

Full size image
Fig. 8
figure 8

Number of possible shares vs. Security for 2-bits method in relation to TK value

Full size image

Consider Fig. 7 for 1-bit method, the security of the systems can be classified based on the number of possible shares to high-security, medium- security, and low- security. As can be observed in Fig. 7, the TK alternatives are divided according to the number of shares pointing to the suggested selected TK values. In this discussion of TK ranging: 00-3F Hex, 1-bit method can choose high-security class within the TK having possible number of shares value 5 or more, such as TK = 0, 1, 2, 4, 8, 10, 20 Hex. Medium-security class of 1-bit method can be from selecting TK of possible shares with values 4 as TK = 3, 5, 6, 9, A, C, 11, 12, 14, 18, 21, 22, 24, 28, 30 Hex. Low-security class can be for the TK values of 3 or less, such as TK = 7, B, D, E, F, 13, 15, 16, 17, 19, 1A, 1B, 1C, 1 D, 1E, 23, 25, 26, 27, 29, 2A, 2B, 2C, 2D, 2E, 31, 32, 33, 35, 36, 38, 39, 3A, 3C Hex. All these low-security TK values are considered inappropriate to be chosen for safe applications, although they can work technically fine running the proposed counting based secret sharing system.

Similarly, 2-bits method can categorize the TK values to high- security, medium- security, and low- security selections, as observed in Fig. 8. High- security selection recommend the TK having possible number of shares value not less than 15, such as TK = 0, 1, 2, 4, 8, 10, 20 Hex. Medium-security class of 2-bits method can be from selecting TK of possible shares with values 10 as TK = 3, 5, 6, 9, A, C, 11, 12, 14, 18, 21, 22, 24, 28, 30 Hex. Low-security class can be for the TK values of 6 or less, such as TK = 7, B, D, E, F, 13, 15, 16, 17, 19, 1A, 1B, 1C, 1D, 1E, 23, 25, 26, 27, 29, 2A, 2B, 2C, 2D, 2E, 31, 32, 33, 35, 36, 38, 39, 3A, 3C Hex. All these low-security TK values are considered unsuitable to be used for safe applications, although they can work algorithmically perfect, similar to the 1-bit method, theoretically activating the proposed counting based secret sharing system.

Interestingly the categorization of security levels of the 1-bit method and the 2-bits method are found closely associated, as can be seen in Fig. 9. In other words, the same TK selections for high-security, medium-security, and low-security are found consistent within the 1-bit method and the 2-bits method, allowing the generalization of the selection to be verified acceptable.

Fig. 9
figure 9

Comparing the number of possible shares of every method in relation to TK value

Full size image

Statistically, considering the TK range 00-3F Hex providing the number of possibilities that can be expected to form the entire range of 56 options, however, the reality is different. As shown in Fig. 9, the reality gives low number of possibilities based on the TK valid alternatives. This number of possibilities for every target key TK case is directly proportional to the security level of the system. For example, the number of high-security TK possibilities is found to be 7 estimated as 12.5% of the total possible TK options making-up the assumption of high security percentage. The medium-security secret TK selections are found 15 alternatives out of 56, considered as 27% of the whole feasible TK. Finally, as obvious, the low-security TK pool is the largest. It is found allowing 34 possibilities out of 56, which is considered as 60.5% of the entire options. These statistical percentages values can be representative to real life applications as the number of bits of TK increase. The recommendation from this security level statistical analysis is to avoid working below high-security level, enforcing the real life applications to choose among large numbers.

7 Conclusion

This work proposed and implemented a new secret-sharing system that works based on parallel counting of the ones within the shares to generate the secret target key output. The work developed two different modeling variations for the secret shares generation, 1-bit method and the 2-bits method, where both are studied clearing their advantages and disadvantages. This counting-based secret sharing key study detailed the trade-off for selection process of number of secret shares vs. the target key based on the security level required by the application. Interestingly the study gave detailed examples to stress the differences in the target key preferences based on high, medium, and low security levels as needed according to the possible number of shares applicable to be used.

The three classification security levels of the 1-bit method and the 2-bits method are found data dependant related to the content of TK and its involvement of number of zeros. The TK selection is given possibility to be based on the security level required, which is found consistent within the 1-bit method as well as the 2-bits method. The simulation elaboration focused on possibilities of Target Keys TK ranging from 00 0000 (00 Hex) to 11 1111 (FF Hex) resulting the three levels of security as 12.5% high-security, 27% medium-security, and 60.5% low-security, as statistically option percentages to be considered. Notes that as the security level increase, the percentage reduce dramatically, which is the main drawback or price to be considered and studied as future research.

The modeling and simulation results have been very attractive allowing further innovation considerations in the shares generation methods. The proposed secret sharing system is described in a way believed to be simple and practical. It is working as seed for novel research to come to show improvements and modify this counting based secret sharing scheme making it specifically geared to the different applications. The research work and results are believed to be very attractive as a base for further research in this direction of secret sharing techniques and applications.