How to Split a Shared Secret into Shared Bits in Constant-Round

Ivan Damgård; Matthias Fitzi; Jesper Buus Nielsen; Tomas Toft

Paper 2005/140

How to Split a Shared Secret into Shared Bits in Constant-Round

Ivan Damgård, Matthias Fitzi, Jesper Buus Nielsen, and Tomas Toft

Abstract

We show that if a set of players hold shares of a value $a \in Z_{p}$ for some prime $p$ (where the set of shares is written $[a]_{p}$ ), it is possible to compute, in constant round and with unconditional security, sharings of the bits of $a$ , i.e.~compute sharings $[a_{0}]_{p}, \dots, [a_{l - 1}]_{p}$ such that $l = ⌈ \log_{2} (p) ⌉$ , $a_{0}, \dots, a_{l - 1} \in {0, 1}$ and $a = \sum_{i = 0}^{l - 1} a_{i} 2^{i}$ . Our protocol is secure against active adversaries and works for any linear secret sharing scheme with a multiplication protocol. This result immediately implies solutions to other long-standing open problems, such as constant-round and unconditionally secure protocols for comparing shared numbers and deciding whether a shared number is zero. The complexity of our protocol is invocations of the multiplication protocol for the underlying secret sharing scheme, carried out in .

Metadata

Available format(s): PDF PS
Category: Cryptographic protocols
Publication info: Published elsewhere. Unknown where it was published
Keywords: secret sharing unconditional security
Contact author(s): buus @ daimi au dk
History: 2005-06-23: last of 2 revisions; 2005-05-16: received; See all versions
Short URL: https://ia.cr/2005/140
License: CC BY

BibTeX

@misc{cryptoeprint:2005/140,
      author = {Ivan Damgård and Matthias Fitzi and Jesper Buus Nielsen and Tomas Toft},
      title = {How to Split a Shared Secret into Shared Bits in Constant-Round},
      howpublished = {Cryptology {ePrint} Archive, Paper 2005/140},
      year = {2005},
      url = {https://eprint.iacr.org/2005/140}
}