Document Open Access Logo

Weighted Secret Sharing from Wiretap Channels

Authors Fabrice Benhamouda , Shai Halevi , Lev Stambler

Thumbnail PDF


  • Filesize: 0.85 MB
  • 19 pages

Document Identifiers

Author Details

Fabrice Benhamouda
  • Algorand Foundation, New York, NY, USA
Shai Halevi
  • Algorand Foundation, New York, NY, USA
Lev Stambler
  • Independent Researcher, NJ, USA


We thank the anonymous reviewers for their comments, which vastly improved this work.

Cite AsGet BibTex

Fabrice Benhamouda, Shai Halevi, and Lev Stambler. Weighted Secret Sharing from Wiretap Channels. In 4th Conference on Information-Theoretic Cryptography (ITC 2023). Leibniz International Proceedings in Informatics (LIPIcs), Volume 267, pp. 8:1-8:19, Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2023)


Secret-sharing allows splitting a piece of secret information among a group of shareholders, so that it takes a large enough subset of them to recover it. In weighted secret-sharing, each shareholder has an integer weight, and it takes a subset of large-enough weight to recover the secret. Schemes in the literature for weighted threshold secret sharing either have share sizes that grow linearly with the total weight, or ones that depend on huge public information (essentially a garbled circuit) of size (quasi)polynomial in the number of parties. To do better, we investigate a relaxation, (α, β)-ramp weighted secret sharing, where subsets of weight β W can recover the secret (with W the total weight), but subsets of weight α W or less cannot learn anything about it. These can be constructed from standard secret-sharing schemes, but known constructions require long shares even for short secrets, achieving share sizes of max(W,|secret|/ε), where ε = β-α. In this note we first observe that simple rounding let us replace the total weight W by N/ε, where N is the number of parties. Combined with known constructions, this yields share sizes of O(max(N,|secret|)/ε). Our main contribution is a novel connection between weighted secret sharing and wiretap channels, that improves or even eliminates the dependence on N, at a price of increased dependence on 1/ε. We observe that for certain additive-noise (ℛ,𝒜) wiretap channels, any semantically secure scheme can be naturally transformed into an (α,β)-ramp weighted secret-sharing, where α,β are essentially the respective capacities of the channels 𝒜,ℛ. We present two instantiations of this type of construction, one using Binary Symmetric wiretap Channels, and the other using additive Gaussian Wiretap Channels. Depending on the parameters of the underlying wiretap channels, this gives rise to (α, β)-ramp schemes with share sizes |secret|⋅log N/poly(ε) or even just |secret|/poly(ε).

Subject Classification

ACM Subject Classification
  • Theory of computation → Cryptographic primitives
  • Security and privacy → Information-theoretic techniques
  • Secret sharing
  • ramp weighted secret sharing
  • wiretap channel


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads


  1. Erdal Arikan. Channel polarization: A method for constructing capacity-achieving codes for symmetric binary-input memoryless channels. IEEE Transactions on Information Theory, 55(7):3051-3073, 2009. URL:
  2. Erdal Arikan and Emre Telatar. On the rate of channel polarization. In 2009 IEEE International Symposium on Information Theory, pages 1493-1495, 2009. URL:
  3. Amos Beimel, Tamir Tassa, and Enav Weinreb. Characterizing ideal weighted threshold secret sharing. In Theory of Cryptography Conference, pages 600-619. Springer, 2005. Google Scholar
  4. Amos Beimel and Enav Weinreb. Monotone circuits for monotone weighted threshold functions. Information Processing Letters, 97(1):12-18, 2006. URL:
  5. Mihir Bellare and Stefano Tessaro. Polynomial-time, semantically-secure encryption achieving the secrecy capacity. IACR Cryptology ePrint Archive, page 22, 2012. URL:
  6. Mihir Bellare, Stefano Tessaro, and Alexander Vardy. Semantic security for the wiretap channel. In Reihaneh Safavi-Naini and Ran Canetti, editors, Advances in Cryptology - CRYPTO 2012 - 32nd Annual Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2012. Proceedings, volume 7417 of Lecture Notes in Computer Science, pages 294-311. Springer, 2012. Also available from URL:
  7. Josh Cohen Benaloh and Jerry Leichter. Generalized secret sharing and monotone functions. In Shafi Goldwasser, editor, Advances in Cryptology - CRYPTO'88, volume 403 of Lecture Notes in Computer Science, pages 27-35. Springer, 1988. URL:
  8. Fabrice Benhamouda, Shai Halevi, and Lev Stambler. Weighted secret sharing from wiretap channels. IACR Cryptol. ePrint Arch., page 1578, 2022. URL:
  9. G. R. Blakley and Catherine A. Meadows. Security of ramp schemes. In G. R. Blakley and David Chaum, editors, Advances in Cryptology, Proceedings of CRYPTO '84, Santa Barbara, California, USA, August 19-22, 1984, Proceedings, volume 196 of Lecture Notes in Computer Science, pages 242-268. Springer, 1984. URL:
  10. George R. Blakley. Safeguarding cryptographic keys. In 1979 International Workshop on Managing Requirements Knowledge (MARK), pages 313-318, 1979. URL:
  11. Jaroslaw Blasiok, Venkatesan Guruswami, and Madhu Sudan. Polar codes with exponentially small error at finite block length. In Eric Blais, Klaus Jansen, José D. P. Rolim, and David Steurer, editors, Approximation, Randomization, and Combinatorial Optimization. Algorithms and Techniques, APPROX/RANDOM 2018, volume 116 of LIPIcs, pages 34:1-34:17. Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2018. URL:
  12. Ronald Cramer, Ivan Damgård, and Jesper Buus Nielsen. Secure Multiparty Computation and Secret Sharing. Cambridge University Press, 2015. URL:
  13. Claude Crépeau. Efficient cryptographic protocols based on noisy channels. In Walter Fumy, editor, Advances in Cryptology - EUROCRYPT '97, International Conference on the Theory and Application of Cryptographic Techniques, Konstanz, Germany, May 11-15, 1997, Proceeding, volume 1233 of Lecture Notes in Computer Science, pages 306-317. Springer, 1997. URL:
  14. Claude Crépeau and Joe Kilian. Achieving oblivious transfer using weakened security assumptions (extended abstract). In 29th Annual Symposium on Foundations of Computer Science, White Plains, New York, USA, 24-26 October 1988, pages 42-52. IEEE Computer Society, 1988. URL:
  15. U. Erez and R. Zamir. Achieving 1/2 log(1+SNR) on the AWGN channel with lattice encoding and decoding. IEEE Transactions on Information Theory, 50(10):2293-2314, 2004. URL:
  16. Oriol Farras and Carles Padró. Ideal hierarchical secret sharing schemes. IEEE transactions on information theory, 58(5):3273-3286, 2012. Google Scholar
  17. Venkatesan Guruswami and Atri Rudra. Concatenated codes can achieve list-decoding capacity. In Proceedings of the Nineteenth Annual ACM-SIAM Symposium on Discrete Algorithms, SODA '08, pages 258-267, USA, 2008. Society for Industrial and Applied Mathematics. Google Scholar
  18. Venkatesan Guruswami and Patrick Xia. Polar codes: Speed of polarization and polynomial gap to capacity. IEEE Trans. Inf. Theory, 61(1):3-16, 2015. URL:
  19. S. Hamed Hassani, Ryuhei Mori, Toshiyuki Tanaka, and Rüdiger L. Urbanke. Rate-dependent analysis of the asymptotic behavior of channel polarization. IEEE Transactions on Information Theory, 59(4):2267-2276, 2013. URL:
  20. Ling Liu, Yanfei Yan, and Cong Ling. Achieving secrecy capacity of the gaussian wiretap channel with polar lattices. IEEE Transactions on Information Theory, 64(3):1647-1665, 2018. Also available at URL:
  21. Ling Liu, Yanfei Yan, Cong Ling, and Xiaofu Wu. Construction of capacity-achieving lattice codes: Polar lattices. IEEE Transactions on Communications, 67(2):915-928, 2019. Also available at URL:
  22. Daniele Micciancio and Oded Regev. Worst-case to average-case reductions based on gaussian measures. SIAM J. Comput., 37(1):267-302, 2007. URL:
  23. Marco Mondelli, S. Hamed Hassani, and Rüdiger L. Urbanke. Unified scaling of polar codes: Error exponent, scaling exponent, moderate deviations, and error floors. IEEE Transactions on Information Theory, 62(12):6698-6712, 2016. URL:
  24. Adi Shamir. How to share a secret. Communications of the ACM, 22(11):612-613, 1979. Google Scholar
  25. Tamir Tassa. Hierarchical threshold secret sharing. Journal of cryptology, 20(2):237-264, 2007. Google Scholar
  26. Himanshu Tyagi and Alexander Vardy. Explicit capacity-achieving coding scheme for the gaussian wiretap channel. In 2014 IEEE International Symposium on Information Theory, pages 956-960, 2014. See also URL:
  27. Vinod Vaikuntanathan, Arvind Narayanan, K. Srinathan, C. Pandu Rangan, and Kwangjo Kim. On the power of computational secret sharing. In Thomas Johansson and Subhamoy Maitra, editors, Progress in Cryptology - INDOCRYPT 2003, volume 2904 of Lecture Notes in Computer Science, pages 162-176. Springer, 2003. URL:
  28. Hsin-Po Wang, Ting-Chun Lin, Alexander Vardy, and Ryan Gabrys. Sub-4.7 scaling exponent of polar codes. arXiv 2204.11683, 2022. URL:
  29. Xukai Zou, Fabio Maino, Elisa Bertino, Yan Sui, Kai Wang, and Feng Li. A new approach to weighted multi-secret sharing. In 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN), pages 1-6. IEEE, 2011. Google Scholar
Questions / Remarks / Feedback

Feedback for Dagstuhl Publishing

Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail