Publications

In this paper, we discuss coding theorems on a (2,2)–threshold scheme in the presence of an opponent who impersonates one of the two shareholders in an asymptotic setup. We consider a situation where n secrets S_n from a memoryless source is blockwisely encoded to two shares and the two shares are decoded to S_n with permitting negligible decoding error. We introduce correlation level of the two shares and characterize the minimum attainable rates of the shares and a uniform random number for realizing a (2,2)–threshold scheme that is secure against the impersonation attack by an opponent. It is shown that, if the correlation level between the two shares equals to an ℓ≥0, the minimum attainable rates coincide with H(S)+ℓ, where H(S) denotes the entropy of the source, and the maximum attainable exponent of the success probability of the impersonation attack equals to ℓ. We also give a simple construction of an encoder and a decoder using an ordinary (2,2)–threshold scheme where the two shares are correlated and attains all the bounds.