nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Towards Breaking the Exponential Barrier for General Secret Sharing

verfasst von : Tianren Liu, Vinod Vaikuntanathan, Hoeteck Wee

Erschienen in: Advances in Cryptology – EUROCRYPT 2018

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

A secret-sharing scheme for a monotone Boolean (access) function \(F: \{0,1\}^n \rightarrow \{0,1\}\) is a randomized algorithm that on input a secret, outputs n shares \(s_1,\ldots ,s_n\) such that for any \((x_1,\ldots ,x_n) \in \{0,1\}^n\), the collection of shares \( \{ s_i : x_i = 1 \}\) determine the secret if \(F(x_1,\ldots ,x_n)=1\) and reveal nothing about the secret otherwise. The best secret sharing schemes for general monotone functions have shares of size \(\varTheta (2^n)\). It has long been conjectured that one cannot do much better than \(2^{\varOmega (n)}\) share size, and indeed, such a lower bound is known for the restricted class of linear secret-sharing schemes.

In this work, we refute two natural strengthenings of the above conjecture:

First, we present secret-sharing schemes for a family of \(2^{2^{n/2}}\) monotone functions over \(\{0,1\}^n\) with sub-exponential share size \(2^{O(\sqrt{n} \log n)}\). This unconditionally refutes the stronger conjecture that circuit size is, within polynomial factors, a lower bound on the share size.
Second, we disprove the analogous conjecture for non-monotone functions. Namely, we present “non-monotone secret-sharing schemes” for every access function over \(\{0,1\}^n\) with shares of size \(2^{O(\sqrt{n} \log n)}\).

Our construction draws upon a rich interplay amongst old and new problems in information-theoretic cryptography: from secret-sharing, to multi-party computation, to private information retrieval. Along the way, we also construct the first multi-party conditional disclosure of secrets (CDS) protocols for general functions \(F:\{0,1\}^n \rightarrow \{0,1\}\) with communication complexity \(2^{O(\sqrt{n} \log n)}\).

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Anonymous IBE, Leakage Resilience and Circular Security from New Assumptions

Nächstes Kapitel Improving the Linear Programming Technique in the Search for Lower Bounds in Secret Sharing

Nur mit Berechtigung zugänglich

The typical formulation of secret-sharing refers to a dealer that holds a secret distributing shares to n parties, such that only certain subsets of parties —described by a so-called access structure— can reconstruct the secret. In our formulation, the randomized algorithm corresponds to the dealer, \(s_i\) corresponds to the share given to party i, \(x_i \in \{0,1\}\) indicates whether party i is present in a subset, and F corresponds to the access structure.

The same secret-sharing algorithm can be used to realizing as many as n! different access functions by permuting the parties. This trick comes from the nature of secret sharing, thus two access functions is equivalent if one is the composition of a permutation and the other, and Conjecture 1 should be stated on the number of equivalence classes in \(F_n\). Assuming \(|F_n| \gg n!\) has essentially the same effect.

We will make the precise sense of how the parties “jointly” hold the index clear in a little bit, but roughly speaking, the reader should imagine that each party holds \(\lceil (\log N) / k \rceil \) bits of the index.

[BBR94]

Barrington, D.A.M., Beigel, R., Rudich, S.: Representing boolean functions as polynomials modulo composite numbers. Comput. Complex. 4, 367–382 (1994)MathSciNetCrossRefMATH

[BDL12]

Bhowmick, A., Dvir, Z., Lovett, S.: New lower bounds for matching vector codes. CoRR, abs/1204.1367 (2012)

[Bei11]

Beimel, A.: Secret-sharing schemes: a survey. In: Chee, Y.M., Guo, Z., Ling, S., Shao, F., Tang, Y., Wang, H., Xing, C. (eds.) IWCC 2011. LNCS, vol. 6639, pp. 11–46. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20901-7_2CrossRef

[BF98]

Babai, L., Frankl, P.: Linear algebra methods in combinatorics (1998)

[BGP95]

Beimel, A., Gál, A., Paterson, M.: Lower bounds for monotone span programs. In: FOCS, pp. 674–681 (1995)

[BGW99]

Babai, L., Gál, A., Wigderson, A.: Superpolynomial lower bounds for monotone span programs. Combinatorica 19(3), 301–319 (1999)MathSciNetCrossRefMATH

[BI01]

Beimel, A., Ishai, Y.: On the power of nonlinear secret-sharing. In: Proceedings of the 16th Annual IEEE Conference on Computational Complexity, Chicago, 18–21 June 2001, pp. 188–202. IEEE Computer Society (2001)

[BIKK14]

Beimel, A., Ishai, Y., Kumaresan, R., Kushilevitz, E.: On the cryptographic complexity of the worst functions. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 317–342. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54242-8_14CrossRef

[BL88]

Benaloh, J.C., Leichter, J.: Generalized secret sharing and monotone functions. In: Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO 1988, Santa Barbara, 21–25 August 1988, pp. 27–35 (1988)

[Bla79]

Blakley, G.R.: Safeguarding cryptographic keys. In: Proceedings of AFIPS 1979 National Computer Conference, pp. 313–317 (1979)

[CFIK03]

Cramer, R., Fehr, S., Ishai, Y., Kushilevitz, E.: Efficient multi-party computation over rings. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 596–613. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_37CrossRef

[CKGS98]

Chor, B., Kushilevitz, E., Goldreich, O., Sudan, M.: Private information retrieval. J. ACM 45(6), 965–981 (1998)MathSciNetCrossRefMATH

[Csi97]

Csirmaz, L.: The size of a share must be large. J. Cryptol. 10(4), 223–231 (1997)MathSciNetCrossRefMATH

[DG15]

Dvir, Z., Gopi, S.: 2-server PIR with sub-polynomial communication. In: STOC, pp. 577–584 (2015)

[DGY11]

Dvir, Z., Gopalan, P., Yekhanin, S.: Matching vector codes. SIAM J. Comput. 40(4), 1154–1178 (2011)MathSciNetCrossRefMATH

[Efr12]

Efremenko, K.: 3-query locally decodable codes of subexponential length, vol. 41, pp. 1694–1703 (2012)

[FKN94]

Feige, U., Kilian, J., Naor, M.: A minimal model for secure computation (extended abstract). In: Leighton, F.T., Goodrich, M.T. (eds.) Proceedings of the Twenty-Sixth Annual ACM Symposium on Theory of Computing, 23–25 May 1994, Montréal, pp. 554–563. ACM (1994)

[GIKM00]

Gertner, Y., Ishai, Y., Kushilevitz, E., Malkin, T.: Protecting data privacy in private information retrieval schemes. J. Comput. Syst. Sci. 60(3), 592–629 (2000)MathSciNetCrossRefMATH

[GKW15]

Gay, R., Kerenidis, I., Wee, H.: Communication complexity of conditional disclosure of secrets and attribute-based encryption. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 485–502. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_24CrossRef

[GPSW06]

Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM Conference on Computer and Communications Security, pp. 89–98 (2006)

[Gro00]

Grolmusz, V.: Superpolynomial size set-systems with restricted intersections mod 6 and explicit ramsey graphs. Combinatorica 20(1), 71–86 (2000)MathSciNetCrossRefMATH

[IK97]

Ishai, Y., Kushilevitz, E.: Private simultaneous messages protocols with applications. In: ISTCS, pp. 174–184 (1997)

[IK00]

Ishai, Y., Kushilevitz, E.: Randomizing polynomials: a new representation with applications to round-efficient secure computation. In: 41st Annual Symposium on Foundations of Computer Science, FOCS 2000, 12–14 November 2000, Redondo Beach, pp. 294–304. IEEE Computer Society (2000)

[IK02]

Ishai, Y., Kushilevitz, E.: Perfect constant-round secure computation via perfect randomizing polynomials. In: Widmayer, P., Eidenbenz, S., Triguero, F., Morales, R., Conejo, R., Hennessy, M. (eds.) ICALP 2002. LNCS, vol. 2380, pp. 244–256. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45465-9_22CrossRef

[ISN89]

Ito, M., Saito, A., Nishizeki, T.: Secret sharing scheme realizing general access structure. Electron. Commun. Jpn. (Part III Fundam. Electron. Sci.) 72(9), 56–64 (1989)MathSciNetCrossRef

[IW14]

Ishai, Y., Wee, H.: Partial garbling schemes and their applications. In: Esparza, J., Fraigniaud, P., Husfeldt, T., Koutsoupias, E. (eds.) ICALP 2014. LNCS, vol. 8572, pp. 650–662. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43948-7_54

[KW93]

Karchmer, M., Wigderson, A.: On span programs. In: Structure in Complexity Theory Conference, pp. 102–111. IEEE Computer Society (1993)

[LVW17]

Liu, T., Vaikuntanathan, V., Wee, H.: Conditional disclosure of secrets via non-linear reconstruction. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 758–790. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_25CrossRef

[OSW07]

Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: ACM Conference on Computer and Communications Security, pp. 195–203 (2007)

[PR17]

Pitassi, T., Robere, R.: Lifting nullstellensatz to monotone span programs over any field. Electron. Colloq. Comput. Compl. (ECCC) 24, 165 (2017)

[RPRC16]

Robere, R., Pitassi, T., Rossman, B., Cook, S.A.: Exponential lower bounds for monotone span programs. In: FOCS, pp. 406–415 (2016)

[Sha79]

Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefMATH

[VV15]

Vaikuntanathan, V., Vasudevan, P.N.: Secret sharing and statistical zero knowledge. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 656–680. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_27CrossRef

[WY05]

Woodruff, D.P., Yekhanin, S.: A geometric approach to information-theoretic private information retrieval. In: CCC, pp. 275–284 (2005)

[Yek08]

Yekhanin, S.: Towards 3-query locally decodable codes of subexponential length. J. ACM 55(1), 1:1–1:16 (2008)MathSciNetCrossRefMATH

Titel: Towards Breaking the Exponential Barrier for General Secret Sharing
verfasst von: Tianren Liu
Vinod Vaikuntanathan
Hoeteck Wee
Verlag: Springer International Publishing
Buch: Advances in Cryptology – EUROCRYPT 2018
Print ISBN: 978-3-319-78380-2

Electronic ISBN: 978-3-319-78381-9

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-78381-9_21

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner