To address the problem that the security of some multi-secret sharing schemes depends on a single coefficient, a publicly verifiable multi-secret sharing scheme is designed on the basis of bilinear pairings and the Shamir threshold scheme. In this scheme, the computation of participants' private keys is separated from the secret distribution process: each participant chooses his own private key and needs to keep only that one private key in order to share arbitrarily many secrets. Both the secret distribution phase and the secret recovery phase are publicly verifiable, so anyone can check the correctness of a secret share, which effectively prevents cheating by dishonest participants and by the dealer. The dealer and the participants exchange information over a public channel and need not maintain a secret channel, which reduces system overhead. The shared secrets are spread over multiple coefficients, so the leakage of a single coefficient or secret does not expose the other secrets, and the hardness of the elliptic curve discrete logarithm problem and of the bilinear Diffie-Hellman problem guarantees the security of the scheme. Finally, mathematical proofs and theoretical analysis of the correctness and extensibility of the scheme are given.
Aimed at the problem that the security of some multi-secret sharing schemes depends only on a single coefficient, and based on bilinear pairings and the Shamir threshold scheme, this paper proposes a publicly verifiable multi-secret sharing scheme. In the scheme, the computation of a participant's secret key is separated from the process of secret distribution. The secret key is chosen by the participant himself, and the participant only needs to keep one secret key. By so doing, the sharing of arbitrarily many secrets can be realized. Public verifiability applies to both the secret distribution and the secret recovery processes, so that anyone is able to verify the correctness of a share, which effectively prevents dishonest participants and the dealer from cheating. The dealer and the participants transmit information through a public channel rather than a secret channel, thus reducing the system cost. The sharing of multiple secrets lies in multiple coefficients, and the leak of a single coefficient or secret does not lead to the leak of other secrets. The security of the scheme rests on the Elliptic Curve Discrete Logarithm Problem and the Bilinear Diffie-Hellman Problem. Finally, mathematical proof and theoretical analysis of the validity and extensibility of the scheme are given.
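The two mechanisms the abstract relies on, several secrets carried by several coefficients of one Shamir polynomial and a public check that any share is consistent with what the dealer committed to, can be seen in a small runnable model. The following is an added illustration and not code from the paper: it substitutes Feldman-style discrete-log commitments G^{a_j} in a toy safe-prime group for the paper's pairing-based verification, omits the participant-chosen private keys and the public-channel share delivery, and uses tiny, insecure parameters (P = 1019, Q = 509, G = 4) chosen only so the arithmetic is visible.

```python
"""Constructed toy of multi-secret Shamir sharing with public share verification.

Secrets occupy the low-order coefficients a_0..a_{m-1} of one polynomial over
Z_Q; participant i receives f(i). Public verifiability comes from Feldman-style
commitments C_j = G^{a_j} mod P, used here as a stand-in for the paper's
pairing-based checks. Parameters are tiny and for illustration only."""
import secrets

# Toy safe-prime group: P = 2*Q + 1, G = 4 generates the subgroup of order Q.
P, Q, G = 1019, 509, 4
assert pow(G, Q, P) == 1 and G != 1


def _poly_mul(a, b):
    """Multiply two coefficient lists (lowest degree first) modulo Q."""
    out = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[i + j] = (out[i + j] + ai * bj) % Q
    return out


def _evaluate(coeffs, x):
    """Horner evaluation of the polynomial at x modulo Q."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc


def distribute(secret_values, t, n):
    """Dealer step: embed m <= t secrets as a_0..a_{m-1}, pad with random
    coefficients up to degree t-1, give f(i) to participant i, and publish
    commitments C_j = G^{a_j} mod P so that anyone can check any share."""
    m = len(secret_values)
    if not (1 <= m <= t <= n) or n >= Q:
        raise ValueError("need 1 <= m <= t <= n < Q")
    coeffs = [s % Q for s in secret_values]
    coeffs += [secrets.randbelow(Q) for _ in range(t - m)]
    shares = {i: _evaluate(coeffs, i) for i in range(1, n + 1)}
    commitments = [pow(G, a, P) for a in coeffs]
    return shares, commitments


def verify_share(i, share, commitments):
    """Public check: G^{f(i)} must equal prod_j C_j^{i^j} mod P.
    Lets a participant check the dealer, or anyone check a participant at
    recovery time, without learning any coefficient."""
    expected = 1
    for j, c in enumerate(commitments):
        expected = expected * pow(c, pow(i, j, Q), P) % P
    return pow(G, share, P) == expected


def interpolate_polynomial(points):
    """Lagrange interpolation returning the full coefficient list a_0..a_{t-1}
    of the unique degree < t polynomial through t points over Z_Q. Recovering
    every coefficient, not only f(0), is what yields all m secrets at once."""
    t = len(points)
    coeffs = [0] * t
    for i, (xi, yi) in enumerate(points):
        basis, denom = [1], 1
        for j, (xj, _) in enumerate(points):
            if j != i:
                basis = _poly_mul(basis, [(-xj) % Q, 1])   # multiply by (x - xj)
                denom = denom * (xi - xj) % Q
        scale = yi * pow(denom, -1, Q) % Q
        for k, c in enumerate(basis):
            coeffs[k] = (coeffs[k] + c * scale) % Q
    return coeffs


def recover_secrets(shares, commitments, t, m):
    """Recovery step: discard any share that fails the public check, then
    interpolate from any t valid shares and read off the first m coefficients."""
    valid = [(i, s) for i, s in shares.items() if verify_share(i, s, commitments)]
    if len(valid) < t:
        raise ValueError("fewer than t valid shares")
    return interpolate_polynomial(valid[:t])[:m]


if __name__ == "__main__":
    shares, commitments = distribute([123, 456, 78], t=4, n=6)
    assert all(verify_share(i, s, commitments) for i, s in shares.items())
    shares[2] = (shares[2] + 1) % Q          # a participant submits a bad share
    print(verify_share(2, shares[2], commitments))          # False
    print(recover_secrets(shares, commitments, t=4, m=3))   # [123, 456, 78]
```

The commitments reveal G^{a_j}, not a_j, so publishing them costs no secrecy under the discrete-log assumption, and the padding coefficients a_m..a_{t-1} are random so that knowing one secret coefficient gives no information about the others, which is the property the abstract attributes to spreading secrets over several coefficients.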