**The Arithmetic Codex**

*Ignacio Cascudo and Ronald Cramer and Chaoping Xing*

**Abstract: **We introduce the notion of {\em arithmetic codex}, or {\em codex} for short.
It encompasses several well-established notions from cryptography (arithmetic secret sharing schemes, i.e., enjoying additive as well as multiplicative properties) and algebraic complexity theory (bilinear complexity of multiplication) in a natural mathematical framework.

Arithmetic secret sharing schemes have important applications to secure multiparty computation and even to {\em two}-party cryptography. Interestingly, several recent applications to two-party cryptography rely crucially on the existing results on ``{\em asymptotically good} families'' of suitable such schemes. Moreover, the construction of these schemes requires asymptotically good towers of function fields over finite fields: no elementary (probabilistic) constructions are known in these cases. Besides introducing the notion, we discuss some of the constructions, as well as some limitations.

**Category / Keywords: **

**Publication Info: **Presented at the IEEE Information Theory Workshop 2012 (ITW), Lausanne, Switzerland, September 2012 (invited talk by Cramer). An earlier version was presented as part of Cramer's invited talk at the 30th Annual IACR EUROCRYPT, May 2011, Tallinn, Estonia.

**Date: **received 13 Jul 2012, last revised 13 Nov 2012

**Contact author: **cramer at cwi nl

**Available format(s): **PDF | BibTeX Citation

**Note: **Change log:
Not taking the property claimed in Lemma~1 (Version~3) as a condition in the codex definition as introduced in this eprint paper, was meant to further simplify our prior definitions. However, this Lemma~1 is incorrect~\cite{CCMPX12}. A similar mistake appears in the talk notes from the electronic proceedings as handed out at Proc.\ IEEE Symp.\ Inf.\ Theory, Sept.\ 2012 (see Remark~3 there).
In this Version~4 we have corrected it by, once again, taking it as a condition in the definition. Note that the mistake does not appear in prior codex definitions (such as the one presented at Eurocrypt 2011).

**Version: **20121113:162619 (All versions of this report)

**Short URL: **ia.cr/2012/388

**Discussion forum: **Show discussion | Start new discussion

[ Cryptology ePrint archive ]