Paper 2016/123

Robust Password-Protected Secret Sharing

Michel Abdalla, Mario Cornejo, Anca Nitulescu, and David Pointcheval

Abstract

Password-protected secret sharing (PPSS) schemes allow a user to publicly share its high-entropy secret across different servers and to later recover it by interacting with some of these servers using only his password without requiring any authenticated data. In particular, this secret will remain safe as long as not too many servers get corrupted. However, servers are not always reliable and the communication can be altered. To address this issue, a robust PPSS should additionally guarantee that a user can recover his secret as long as enough servers provide correct answers, and these are received without alteration. In this paper, we propose new robust PPSS schemes which are significantly more efficient than the existing ones. We achieve this goal in two steps. First, we propose a generic technique to build a Robust Gap Threshold Secret Sharing Scheme (RGTSSS) from any threshold secret sharing scheme. In the PPSS construction, this allows us to drop the verifiable property of Oblivious Pseudorandom Functions (OPRF). Then, we use this new approach to design two new robust PPSS schemes that are quite efficient, from two OPRFs. They are proven in the random oracle model, just because our RGTSSS construction requires random non-malleable fingerprints. This is easily guaranteed when the hash function is modeled as a random oracle.