ABSTRACT
A secret-sharing scheme enables a dealer to share a secret s among n parties such that only authorized subsets of parties, specified by a monotone access structure f: {0,1}^n → {0,1}, can reconstruct s from their shares. Other subsets of parties learn nothing about s.
The question of minimizing the (largest) share size for a given f has been the subject of a large body of work. However, in most existing constructions for general access structures f, the share size is not much smaller than the size of some natural computational representation of the access structure f, a fact that has often been referred to as the “representation size barrier” in secret sharing.
In this work, we initiate a systematic study of succinct computational secret sharing (SCSS), where the secrecy requirement is computational and the goal is to substantially beat the representation size barrier. We obtain the following main results.
First, we introduce the notion of a projective PRG, a pseudorandom generator for which any subset of the output bits can be revealed while keeping the other output bits hidden, using a short projective seed. We construct projective PRGs with different levels of succinctness under a variety of computational assumptions, and apply them towards constructing SCSS for graph access structures, monotone CNF formulas, and (less succinctly) useful subclasses of monotone circuits and branching programs. Most notably, under the sub-exponential RSA assumption, we obtain a SCSS scheme that, given an arbitrary access structure f, represented by a truth table of size N = 2^n, produces shares of size polylog(N) = poly(n) in time Õ(N). For comparison, the share size of the best known information-theoretic schemes is O(N^0.58).
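The two ideas in the paragraph above, a projective PRG and its use to share a secret under a monotone CNF access structure, as an added example that is not code from the paper. The projective PRG is modelled on the RSA-style idea the abstract alludes to: the master seed is s ∈ Z_N^*, output j is derived from s^{P/e_j} with P = ∏ e_j, and the projective seed for a set T is the single group element s^{∏_{j∉T} e_j}, from which every s^{P/e_i} with i ∈ T can be recomputed. For the CNF f(x) = ∧_j ∨_{i∈C_j} x_i, clause j owns pseudorandom block r_j, the secret is published masked by the XOR of all r_j, and party i's share is the projective seed for the clauses containing i; an authorized set covers every clause, an unauthorized set misses at least one r_j. Everything else is an assumption of this example: the hard-coded Mersenne-prime modulus (a toy, not an acceptable RSA modulus), the hash-based block extraction standing in for hardcore bits, and all function names.

```python
"""Toy succinct computational secret sharing for a monotone CNF access
structure, built on a projective PRG in the style of the RSA-based one.
Added illustration, not the paper's construction or proof.
"""
import hashlib
import math
import secrets

P_TOY = 2**127 - 1  # Mersenne prime: constructed toy parameter, NOT a real RSA prime
Q_TOY = 2**107 - 1  # Mersenne prime: constructed toy parameter, NOT a real RSA prime


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def small_primes_coprime_to(phi: int, count: int) -> list:
    """First `count` odd primes e with gcd(e, phi) == 1, so x -> x^e permutes
    Z_N^* (the RSA assumption needs this)."""
    found, cand = [], 3
    while len(found) < count:
        is_prime = all(cand % d for d in range(3, int(cand ** 0.5) + 1, 2))
        if is_prime and math.gcd(cand, phi) == 1:
            found.append(cand)
        cand += 2
    return found


def extract(N: int, g: int, length: int) -> bytes:
    """Hash a group element to a pseudorandom block (random-oracle-style
    shortcut assumed by this example; the formal scheme uses hardcore bits)."""
    enc = g.to_bytes((N.bit_length() + 7) // 8, "big")
    return hashlib.shake_256(enc).digest(length)


def prg_setup(n_outputs: int, p: int = P_TOY, q: int = Q_TOY):
    """Dealer side: public parameters (N, e_1..e_n) and a master seed s in Z_N^*."""
    N, phi = p * q, (p - 1) * (q - 1)
    exps = small_primes_coprime_to(phi, n_outputs)
    while True:
        s = secrets.randbelow(N - 2) + 2
        if math.gcd(s, N) == 1:
            return (N, exps), s


def projective_seed(params, s: int, T) -> int:
    """Short key revealing exactly the outputs in T: s^{prod_{j not in T} e_j}.
    One group element whatever |T| is; this is what makes the shares succinct.
    For T = all outputs the exponent is 1 and the key is the master seed itself."""
    N, exps = params
    e = 1
    for j in range(len(exps)):
        if j not in T:
            e *= exps[j]
    return pow(s, e, N)


def output_from_projective_seed(params, k_T: int, T, i: int, length: int) -> bytes:
    """Output block i (i in T): k_T^{prod_{j in T, j != i} e_j} = s^{P/e_i}."""
    N, exps = params
    if i not in T:
        raise ValueError("output index not covered by this projective seed")
    e = 1
    for j in T:
        if j != i:
            e *= exps[j]
    return extract(N, pow(k_T, e, N), length)


# ---- SCSS for a monotone CNF  f(x) = AND_j OR_{i in clauses[j]} x_i ---------

def clauses_of(clauses, party: int):
    return {j for j, C in enumerate(clauses) if party in C}


def share_cnf(secret: bytes, clauses, n_parties: int):
    """Clause j owns block r_j; publish secret XOR all r_j; party i's share is the
    projective seed for the clauses it appears in (one group element)."""
    params, s = prg_setup(len(clauses))
    all_T = set(range(len(clauses)))
    mask = secret
    for j in range(len(clauses)):
        mask = xor_bytes(mask, output_from_projective_seed(params, s, all_T, j, len(secret)))
    shares = {i: projective_seed(params, s, clauses_of(clauses, i)) for i in range(n_parties)}
    return (params, mask), shares


def reconstruct_cnf(public, subset_shares: dict, clauses):
    """Secret if the parties in `subset_shares` satisfy every clause, else None."""
    params, mask = public
    acc = mask
    for j, C in enumerate(clauses):
        holder = next((i for i in subset_shares if i in C), None)
        if holder is None:
            return None  # clause j unsatisfied: r_j stays hidden from this set
        T_i = clauses_of(clauses, holder)
        acc = xor_bytes(acc, output_from_projective_seed(params, subset_shares[holder], T_i, j, len(mask)))
    return acc


if __name__ == "__main__":
    clauses = [{0, 1}, {1, 2}, {2, 3}]
    public, shares = share_cnf(b"attack at dawn", clauses, 4)
    print(reconstruct_cnf(public, {1: shares[1], 2: shares[2]}, clauses))  # authorized set
    print(reconstruct_cnf(public, {0: shares[0], 3: shares[3]}, clauses))  # misses clause {1,2}
```

Note the share of party i is a single element of Z_N regardless of how many clauses mention i, whereas the classical Ito-Saito-Nishizeki construction hands party i one fresh random block per clause. The coverage check in `reconstruct_cnf` is the only place the access structure is consulted; an unauthorized set is not merely refused, it holds no projective seed that covers the missing clause.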
Secondly, under the (minimal) assumption that one-way functions exist, we obtain a near-quadratic separation between the total share size of computational and information-theoretic secret sharing. This is the strongest separation one can hope for, given the state of the art in secret sharing lower bounds. We also construct SCSS schemes from one-way functions for useful classes of access structures, including forbidden graphs and monotone DNF formulas. This leads to constructions of fully-decomposable conditional disclosure of secrets (also known as privacy-free garbled circuits) for general functions, represented by a truth table of size N = 2^n, with share size polylog(N) and computation time Õ(N), assuming sub-exponentially secure one-way functions.