Cryptology ePrint Archive: Report 2018/1010

Space Efficient Computational Multi-Secret Sharing and Its Applications

Aggelos Kiayias and Murat Osmanoglu and Alexander Russell and Qiang Tang

Abstract: In a (t_1,...,t_l)-multi-secret sharing scheme (MSSS), l independent secrets s_1,...,s_l are shared with n parties in such a way that at least t_i parties are required to recover the secret s_i (while s_i remains hidden with fewer shares). We consider the problem of minimizing the share size of MSSS in the challenging setting when there are many secrets to be shared among many parties. To circumvent the information-theoretic lower bound (e.g., Blundo [4]), we focus on the computational setting. A simple generalization of computational secret sharing (Krawczyk [17]) to multi-secret sharing yields a scheme with share size/overhead scaling linearly in l, the total number of secrets. To beat this linear scaling, we consider constructing MSSS based on a related notion of encryption|dynamic threshold public key encryption (DTPKE)|that enables a sender to dynamically specify a threshold for each ciphertext. None of the existing DTPKE is well-suited for our purpose. Thus, we propose a new construction of a dynamic threshold public key encryption scheme with improved efficiency characteristics. We then give a recursive application of our construction that yields an efficient MSSS with share size only logarithmic in the number of secrets (thus effectively O(log l) as in the common cases, where l and n are polynomially related). Finally, we describe an application of our space efficient (1,2,...,n-1)-MSSS to a special tool called gradual verifiable secret sharing which is the fundamental building block for general multiparty computation (MPC) with n players that provides fairness without honest majority.

Category / Keywords: multi-secret sharing, fair MPC, dynamic threshold

Date: received 16 Oct 2018, last revised 24 Oct 2018

Contact author: mosmanoglu at ankara edu tr

Available format(s): PDF | BibTeX Citation

Version: 20181024:185030 (All versions of this report)

Short URL: ia.cr/2018/1010


[ Cryptology ePrint archive ]