Secret Sharing with Binary Shares
Shamir's celebrated secret sharing scheme provides an efficient method for encoding a secret of arbitrary length l among any N <= 2^l players such that for a threshold parameter t, (i) the knowledge of any t shares does not reveal any information about the secret and, (ii) any choice of t+1 shares fully reveals the secret. It is known that any such threshold secret sharing scheme necessarily requires shares of length l, and in this sense Shamir's scheme is optimal. The more general notion of ramp schemes requires the reconstruction of secret from any t+g shares, for a positive integer gap parameter g. Ramp secret sharing scheme necessarily requires shares of length l/g. Other than the bound related to secret length l, the share lengths of ramp schemes can not go below a quantity that depends only on the gap ratio g/N.
In this work, we study secret sharing in the extremal case of bit-long shares and arbitrarily small gap ratio g/N, where standard ramp secret sharing becomes impossible. We show, however, that a slightly relaxed but equally effective notion of semantic security for the secret, and negligible reconstruction error probability, eliminate the impossibility. Moreover, we provide explicit constructions of such schemes. One of the consequences of our relaxation is that, unlike standard ramp schemes with perfect secrecy, adaptive and non-adaptive adversaries need different analysis and construction. For non-adaptive adversaries, we explicitly construct secret sharing schemes that provide secrecy against any tau fraction of observed shares, and reconstruction from any rho fraction of shares, for any choices of 0 <= tau < rho <= 1. Our construction achieves secret length N(rho-tau-o(1)), which we show to be optimal. For adaptive adversaries, we construct explicit schemes attaining a secret length Omega(N(rho-tau)). We discuss our results and open questions.
Secret sharing scheme
Wiretap channel
Security and privacy~Information-theoretic techniques
Theory of computation~Expander graphs and randomness extractors
Theory of computation~Error-correcting codes
53:1-53:20
Regular Paper
The research of Fuchun Lin and Huaxiong Wang was supported by Singapore Ministry of Education under Research Grant MOE2016-T2-2-014(S) and RG133/17(S). The research of Venkatesan Guruswami was supported in part by United States NSF grants CCF-1422045 and CCF-1563742. The research of Reihaneh Safavi-Naini was in part supported by Natural Sciences and Engineering Research Council of Canada, Discovery Grants Program.
Full version at https://eprint.iacr.org/2018/746.
Fuchun
Lin
Fuchun Lin
Division of Mathematical Sciences, School of Physical and Mathematical Sciences, Nanyang Technological University, SG
Mahdi
Cheraghchi
Mahdi Cheraghchi
Department of Computing, Imperial College London, UK
Venkatesan
Guruswami
Venkatesan Guruswami
Computer Science Department, Carnegie Mellon University, USA
Reihaneh
Safavi-Naini
Reihaneh Safavi-Naini
Department of Computer Science, University of Calgary, CA
Huaxiong
Wang
Huaxiong Wang
Division of Mathematical Sciences, School of Physical and Mathematical Sciences, Nanyang Technological University, SG
10.4230/LIPIcs.ITCS.2019.53
Vaneet Aggarwal, Lifeng Lai, A. Robert Calderbank, and H. Vincent Poor. Wiretap channel type II with an active eavesdropper. IEEE International Symposium on Information Theory, ISIT 2009, pages 1944-1948, 2009. URL: http://dx.doi.org/10.1109/ISIT.2009.5205631.
http://dx.doi.org/10.1109/ISIT.2009.5205631
Mihir Bellare, Stefano Tessaro, and Alexander Vardy. Semantic Security for the Wiretap Channel. In Advances in Cryptology - CRYPTO 2012, volume 7417 of Lecture Notes in Computer Science, pages 294-311. Springer, 2012.
George R. Blakley. Safeguarding cryptographic keys. In Proceedings of the 1979 AFIPS National Computer Conference, pages 313-317, 1979.
Andrej Bogdanov, Siyao Guo, and Ilan Komargodski. Threshold Secret Sharing Requires a Linear Size Alphabet. In Theory of Cryptography - TCC 2016-B, pages 471-484, 2016.
Andrej Bogdanov, Yuval Ishai, Emanuele Viola, and Christopher Williamson. Bounded Indistinguishability and the Complexity of Recovering Secrets. In Advances in Cryptology - CRYPTO, pages 593-618, 2016.
Andrej Bogdanov and Christopher Williamson. Approximate Bounded Indistinguishability. In International Colloquium on Automata, Languages, and Programming, ICALP, pages 53:1-53:11, 2017.
Jean Bourgain. On the construction of affine extractors. Geometric and Functional Analysis, 17(1):33-57, 2007.
Ignacio Cascudo Pueyo, Ronald Cramer, and Chaoping Xing. Bounds on the Threshold Gap in Secret Sharing and its Applications. IEEE Trans. Information Theory, 59(9):5600-5612, 2013. URL: http://dx.doi.org/10.1109/TIT.2013.2264504.
http://dx.doi.org/10.1109/TIT.2013.2264504
Kuan Cheng, Yuval Ishai, and Xin Li. Near-Optimal Secret Sharing and Error Correcting Codes in AC0. In Theory of Cryptography - TCC 2017, Part II, pages 424-458, 2017.
Mahdi Cheraghchi. Nearly Optimal Robust Secret Sharing. Designs, Codes and Cryptography, pages 1-20, 2018.
Mahdi Cheraghchi, Frédéric Didier, and Amin Shokrollahi. Invertible Extractors and Wiretap Protocols. IEEE Trans. Information Theory, 58(2):1254-1274, 2012. URL: http://dx.doi.org/10.1109/TIT.2011.2170660.
http://dx.doi.org/10.1109/TIT.2011.2170660
Ronald Cramer, Ivan Damgård, and Jesper Buus Nielsen. Secure Multiparty Computation and Secret Sharing. Cambridge University Press, 2015. URL: http://www.cambridge.org/de/academic/subjects/computer-science/cryptography-cryptology-and-coding/secure-multiparty-computation-and-secret-sharing?format=HB&isbn=9781107043053.
http://www.cambridge.org/de/academic/subjects/computer-science/cryptography-cryptology-and-coding/secure-multiparty-computation-and-secret-sharing?format=HB&isbn=9781107043053
Imre Csiszár and Janos Körner. Broadcast channels with confidential messages. IEEE Trans. Information Theory, 24(3):339-348, 1978. URL: http://dx.doi.org/10.1109/TIT.1978.1055892.
http://dx.doi.org/10.1109/TIT.1978.1055892
Venkatesan Guruswami. List decoding from erasures: bounds and code constructions. IEEE Trans. Information Theory, 49(11), 2003.
Venkatesan Guruswami and Adam D. Smith. Optimal Rate Code Constructions for Computationally Simple Channels. J. ACM, 63(4):35:1-35:37, 2016. URL: http://dx.doi.org/10.1109/FOCS.2010.74.
http://dx.doi.org/10.1109/FOCS.2010.74
Xin Li. A New Approach to Affine Extractors and Dispersers. IEEE Conference on Computational Complexity, CCC 2011, pages 137-147, 2011.
Wakaha Ogata, Kaoru Kurosawa, and Shigeo Tsujii. Nonperfect Secret Sharing Schemes. Advances in Cryptology - AUSCRYPT '92, pages 56-66, 1992.
Lawrence H. Ozarow and Aaron D. Wyner. Wire-tap channel II. The Bell System Technical Journal, 63:2135-2157, December 1984.
Ran Raz, Omer Reingold, and Salil P. Vadhan. Extracting all the Randomness and Reducing the Error in Trevisan’s Extractors. J. Comput. Syst. Sci., 65(1):97-128, 2002.
Adi Shamir. How to Share a Secret. Commun. ACM, 22(11):612-613, 1979.
Setareh Sharifian, Fuchun Lin, and Reihaneh Safavi-Naini. Hash-then-Encode: A Modular Semantically Secure Wiretap Code. In Proceedings of the 2nd Workshop on Communication Security, WCS 2017, pages 49-63. Lecture Notes in Electrical Engineering, 2017.
Adam D. Smith. Scrambling Adversarial Errors Using Few Random Bits, Optimal Information Reconciliation, and Better Private Codes. In ACM-SIAM Symposium on Discrete Algorithms SODA '07, pages 395-404. Society for Industrial and Applied Mathematics, 2007. URL: http://dl.acm.org/citation.cfm?id=1283383.1283425.
http://dl.acm.org/citation.cfm?id=1283383.1283425
Douglas R. Stinson. An Explication of Secret Sharing Schemes. Des. Codes Cryptography, 2(4):357-390, 1992.
Luca Trevisan. Extractors and pseudorandom generators. J. ACM, 48(4):860-879, 2001.
Aaron D. Wyner. The wire-tap channel. The Bell System Technical Journal, 54(8):1355-1387, October 1975.
Amir Yehudayoff. Affine extractors over prime fields. Combinatorica, 31(2):245, 2011. URL: http://dx.doi.org/10.1007/s00493-011-2604-9.
http://dx.doi.org/10.1007/s00493-011-2604-9
Fuchun Lin, Mahdi Cheraghchi, Venkatesan Guruswami, Reihaneh Safavi-Naini, and Huaxiong Wang
Creative Commons Attribution 3.0 Unported license
https://creativecommons.org/licenses/by/3.0/legalcode