By non-interactive we mean that the dealer needs to be active only once, where he posts a public message as well as a private message to each shareholder. In the random oracle model, we can even avoid interaction between shareholders. By efficient, we mean that we avoid generic zero-knowledge techniques.
Such efficient constructions were previously only known from linear secret sharing schemes (LSSS). It is believed that the class of access structures that can be handled with polynomial size LSSS is incomparable to the class that can be recognized by polynomial size monotone circuits, so in this sense we extend the class of access structures with efficient and non-interactive VSS.
Category / Keywords: cryptographic protocols / computational secret-sharing Original Publication (in the same form): AFRICACRYPT 2016 Date: received 28 Jan 2016 Contact author: orlandi at cs au dk Available format(s): PDF | BibTeX Citation Version: 20160128:154025 (All versions of this report) Short URL: ia.cr/2016/078 Discussion forum: Show discussion | Start new discussion