On Polynomial Secret Sharing Schemes

Authors Anat Paskin-Cherniavsky, Radune Artiom

Thumbnail PDF


  • Filesize: 0.55 MB
  • 21 pages

Document Identifiers

Author Details

Anat Paskin-Cherniavsky
  • Ariel University, Ariél, Israel
Radune Artiom
  • Ariel University, Ariél, Israel
  • The Open University, Raanana, Israel

Cite AsGet BibTex

Anat Paskin-Cherniavsky and Radune Artiom. On Polynomial Secret Sharing Schemes. In 1st Conference on Information-Theoretic Cryptography (ITC 2020). Leibniz International Proceedings in Informatics (LIPIcs), Volume 163, pp. 12:1-12:21, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2020)


Nearly all secret sharing schemes studied so far are linear or multi-linear schemes. Although these schemes allow to implement any monotone access structure, the share complexity, SC, may be suboptimal - there are access structures for which the gap between the best known lower bounds and best known multi-linear schemes is exponential. There is growing evidence in the literature, that non-linear schemes can improve share complexity for some access structures, with the work of Beimel and Ishai (CCC '01) being among the first to demonstrate it. This motivates further study of non linear schemes. We initiate a systematic study of polynomial secret sharing schemes (PSSS), where shares are (multi-variate) polynomials of secret and randomness vectors ~s,~r respectively over some finite field 𝔽_q. Our main hope is that the algebraic structure of polynomials would help obtain better lower bounds than those known for the general secret sharing. Some of the initial results we prove in this work are as follows. On share complexity of polynomial schemes. First we study degree (at most) 1 in randomness variables ~r (where the degree of secret variables is unlimited). We have shown that for a large subclass of these schemes, there exist equivalent multi-linear schemes with O(n) share complexity overhead. Namely, PSSS where every polynomial misses monomials of exact degree c≥ 2 in ~s and 0 in ~r, and PSSS where all polynomials miss monomials of exact degree ≥ 1 in ~s and 1 in ~r. This translates the known lower bound of Ω(n^{log(n)}) for multi linear schemes onto a class of schemes strictly larger than multi linear schemes, to contrast with the best Ω(n²/log(n)) bound known for general schemes, with no progress since 94'. An observation in the positive direction we make refers to the share complexity (per bit) of multi linear schemes (polynomial schemes of total degree 1). We observe that the scheme by Liu et. al obtaining share complexity O(2^{0.994n}) can be transformed into a multi-linear scheme with similar share complexity per bit, for sufficiently long secrets. For the next natural degree to consider, 2 in ~r, we have shown that PSSS where all share polynomials are of exact degree 2 in ~r (without exact degree 1 in ~r monomials) where 𝔽_q has odd characteristic, can implement only trivial access structures where the minterms consist of single parties. Obtaining improved lower bounds for degree-2 in ~r PSSS, and even arbitrary degree-1 in ~r PSSS is left as an interesting open question. On the randomness complexity of polynomial schemes. We prove that for every degree-2 polynomial secret sharing scheme, there exists an equivalent degree-2 scheme with identical share complexity with randomness complexity, RC, bounded by 2^{poly(SC)}. For general PSSS, we obtain a similar bound on RC (preserving SC and 𝔽_q but not degree). So far, bounds on randomness complexity were known only for multi linear schemes, demonstrating that RC ≤ SC is always achievable. Our bounds are not nearly as practical as those for multi-linear schemes, and should be viewed as a proof of concept. If a much better bound for some degree bound d=O(1) is obtained, it would lead directly to super-polynomial counting-based lower bounds for degree-d PSSS over constant-sized fields. Another application of low (say, polynomial) randomness complexity is transforming polynomial schemes with polynomial-sized (in n) algebraic formulas C(~s,~r) for each share, into a degree-3 scheme with only polynomial blowup in share complexity, using standard randomizing polynomials constructions.

Subject Classification

ACM Subject Classification
  • Theory of computation
  • Theory of computation → Cryptographic primitives
  • Secret sharing
  • polynomial
  • lower bounds
  • linear program


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads


  1. Benny Applebaum and Barak Arkis. Conditional disclosure of secrets and d-uniform secret sharing with constant information rate. IACR Cryptology ePrint Archive, 2018:1, 2018. URL: http://eprint.iacr.org/2018/001.
  2. Benny Applebaum, Amos Beimel, Oded Nir, and Naty Peter. Better secret-sharing via robust conditional disclosure of secrets. Electronic Colloquium on Computational Complexity (ECCC), 27:8, 2020. URL: https://eccc.weizmann.ac.il/report/2020/008.
  3. Benny Applebaum and Prashant Nalini Vasudevan. Placing conditional disclosure of secrets in the communication complexity universe. In Avrim Blum, editor, 10th Innovations in Theoretical Computer Science Conference, ITCS 2019, January 10-12, 2019, San Diego, California, USA, volume 124 of LIPIcs, pages 4:1-4:14. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, 2019. URL: https://doi.org/10.4230/LIPIcs.ITCS.2019.4.
  4. Amos Beimel. Secret-sharing schemes: A survey. In Yeow Meng Chee, Zhenbo Guo, San Ling, Fengjing Shao, Yuansheng Tang, Huaxiong Wang, and Chaoping Xing, editors, Coding and Cryptology, pages 11-46, Berlin, Heidelberg, 2011. Springer Berlin Heidelberg. Google Scholar
  5. Amos Beimel and Yuval Ishai. On the power of nonlinear secret-sharing. IACR Cryptology ePrint Archive, 2001:30, 2001. URL: http://eprint.iacr.org/2001/030.
  6. Michael Ben-Or, Shafi Goldwasser, and Avi Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In Janos Simon, editor, Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2-4, 1988, Chicago, Illinois, USA, pages 1-10. ACM, 1988. URL: https://doi.org/10.1145/62212.62213.
  7. Josh Cohen Benaloh and Jerry Leichter. Generalized secret sharing and monotone functions. In Shafi Goldwasser, editor, Advances in Cryptology - CRYPTO '88, 8th Annual International Cryptology Conference, Santa Barbara, California, USA, August 21-25, 1988, Proceedings, volume 403 of Lecture Notes in Computer Science, pages 27-35. Springer, 1988. URL: https://doi.org/10.1007/0-387-34799-2_3.
  8. Josh Cohen Benaloh and Jerry Leichter. Generalized secret sharing and monotone functions. In Shafi Goldwasser, editor, Advances in Cryptology - CRYPTO '88, 8th Annual International Cryptology Conference, Santa Barbara, California, USA, August 21-25, 1988, Proceedings, volume 403 of Lecture Notes in Computer Science, pages 27-35. Springer, 1988. URL: https://doi.org/10.1007/0-387-34799-2_3.
  9. G. R. Blakley. One time pads are key safeguarding schemes, not cryptosystems fast key safeguarding schemes (threshold schemes) exist. In Proceedings of the 1980 IEEE Symposium on Security and Privacy, Oakland, California, USA, April 14-16, 1980, pages 108-113. IEEE Computer Society, 1980. URL: https://doi.org/10.1109/SP.1980.10016.
  10. László Csirmaz. The size of a share must be large. In Alfredo De Santis, editor, Advances in Cryptology - EUROCRYPT '94, Workshop on the Theory and Application of Cryptographic Techniques, Perugia, Italy, May 9-12, 1994, Proceedings, volume 950 of Lecture Notes in Computer Science, pages 13-22. Springer, 1994. URL: https://doi.org/10.1007/BFb0053420.
  11. Bella Dubrov and Yuval Ishai. On the randomness complexity of efficient sampling. In Jon M. Kleinberg, editor, Proceedings of the 38th Annual ACM Symposium on Theory of Computing, Seattle, WA, USA, May 21-23, 2006, pages 711-720. ACM, 2006. URL: https://doi.org/10.1145/1132516.1132615.
  12. Oded Goldreich, Silvio Micali, and Avi Wigderson. How to play any mental game or A completeness theorem for protocols with honest majority. In Alfred V. Aho, editor, Proceedings of the 19th Annual ACM Symposium on Theory of Computing, 1987, New York, New York, USA, pages 218-229. ACM, 1987. URL: https://doi.org/10.1145/28395.28420.
  13. R. K. Gupta. Linear Programming. Krishna Prakashan, 2009. URL: https://books.google.co.il/books?id=Ur2vi5kB5IoC.
  14. Yuval Ishai, Eyal Kushilevitz, and Anat Paskin-Cherniavsky. From randomizing polynomials to parallel algorithms. In Shafi Goldwasser, editor, Innovations in Theoretical Computer Science 2012, Cambridge, MA, USA, January 8-10, 2012, pages 76-89. ACM, 2012. URL: https://doi.org/10.1145/2090236.2090244.
  15. Mitsuru Ito, Akira Saito, and Takao Nishizeki. Secret sharing scheme realizing general access structure. Electronics and Communications in Japan (Part III: Fundamental Electronic Science), 72:56-64, 1989. Google Scholar
  16. Rudolf Lidl and Harald Neiderreiter. Introduction to finite fields and their applications. Cambridge University Press, 1997. Google Scholar
  17. Tianren Liu, Vinod Vaikuntanathan, and Hoeteck Wee. Conditional disclosure of secrets via non-linear reconstruction. In Jonathan Katz and Hovav Shacham, editors, Advances in Cryptology - CRYPTO 2017 - 37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20-24, 2017, Proceedings, Part I, volume 10401 of Lecture Notes in Computer Science, pages 758-790. Springer, 2017. URL: https://doi.org/10.1007/978-3-319-63688-7_25.
  18. Tianren Liu, Vinod Vaikuntanathan, and Hoeteck Wee. Towards breaking the exponential barrier for general secret sharing. In Jesper Buus Nielsen and Vincent Rijmen, editors, Advances in Cryptology - EUROCRYPT 2018 - 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29 - May 3, 2018 Proceedings, Part I, volume 10820 of Lecture Notes in Computer Science, pages 567-596. Springer, 2018. URL: https://doi.org/10.1007/978-3-319-78381-9_21.
  19. Adi Shamir. How to share a secret. Commun. ACM, 22(11):612-613, 1979. URL: https://doi.org/10.1145/359168.359176.
Questions / Remarks / Feedback

Feedback for Dagstuhl Publishing

Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail