Cryptology ePrint Archive: Report 2017/359

Conditional Disclosure of Secrets via Non-Linear Reconstruction

Tianren Liu and Vinod Vaikuntanathan and Hoeteck Wee

Abstract: We present new protocols for conditional disclosure of secrets (CDS), where two parties want to disclose a secret to a third party if and only if their respective inputs satisfy some predicate.

- For general predicates $\text{pred} : [N] \times [N] \rightarrow \{0,1\}$, we present two protocols that achieve $o(N^{1/2})$ communication: the first achieves $O(N^{1/3})$ communication and the second achieves sub-polynomial $2^{O(\sqrt{\log N \log\log N})} = N^{o(1)}$ communication.

- As a corollary, we obtain improved share complexity for forbidden graph access structures. Namely, for every graph on $N$ vertices, there is a secret-sharing scheme for $N$ parties in which each pair of parties can reconstruct the secret if and only if the corresponding vertices in $G$ are connected, and where each party gets a share of size $2^{O(\sqrt{\log N \log\log N})} = N^{o(1)}$.

Prior to this work, the best protocols for both primitives required communication complexity $\tilde{O}(N^{1/2})$. Indeed, this is essentially the best that all prior techniques could hope to achieve as they were limited to so-called ``linear reconstruction''. This is the first work to break this $O(N^{1/2})$ ``linear reconstruction'' barrier in settings related to secret sharing. To obtain these results, we draw upon techniques for non-linear reconstruction developed in the context of information-theoretic private information retrieval.

We further extend our results to the setting of private simultaneous messages (PSM), and provide applications such as an improved attribute-based encryption (ABE) for quadratic polynomials.

Category / Keywords: secret sharing, information theoretic

Original Publication (in the same form): IACR-CRYPTO-2017

Date: received 20 Apr 2017, last revised 12 Jun 2017

Contact author: liutr at mit edu, vinodv at csail mit edu, wee at di ens fr

Available format(s): PDF | BibTeX Citation

Note: Minor revisions.

Version: 20170612:115544 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]