Paper 2023/451
Non-interactive VSS using Class Groups and Application to DKG
Abstract
We put forward the first non-interactive verifiable secret sharing scheme (NI-VSS) using class groups – we call it cgVSS. Our construction follows the standard framework of encrypting the shares to a set of recipients and generating a non-interactive proof of correct sharing. However, as opposed to prior works, such as Groth’s [Eprint 2021] or Gentry et al.’s [Eurocrypt 2022], we do not require any range proof. This is possible due to the unique structure of class groups, which enables efficient encryption/decryption of large field elements in the exponent of an ElGamal-style encryption scheme. Importantly, this is possible without destroying the additive homomorphic structure, which is required to make the proof of correctness highly efficient. This approach not only simplifies the scheme substantially, but also outperforms the state-of-the-art schemes significantly. Our implementation shows that cgVSS outperforms (a simplified implementation of) Groth’s protocol in overall communication complexity by 5.6x and in computation time per node by about 2.4–2.7x (for a 150-node system). Additionally, we formalize the notion of public verifiability, which enables anyone, possibly outside the participants, to verify the correctness of the dealing. In fact, we re-interpret the notion of public verifiability and extend it to the setting where all recipients may be corrupt and yet cannot defy public verifiability; to distinguish it from the state of the art, we call this strong public verifiability. Our formalization uses the universal composability framework. Finally, through a generic transformation, similar to Groth’s [Eprint 2021], we obtain an NI-DKG scheme for threshold systems, where the secret key is the discrete log of the public key. Our security analysis in the VSS-hybrid model uses a formalization that also considers a (strong) public verifiability notion for DKG, even when more than the threshold number of parties are corrupt.
Instantiating with cgVSS, we obtain the first NI-DKG scheme from class groups – we call it cgDKG.
Metadata
- Category: Cryptographic protocols
- Publication info: Preprint.
- Keywords: Verifiable secret sharing, Non-interactive VSS, Class Groups
- Contact author(s): e mangipudi @ supraoracles com, p mukherjee @ supraoracles com
- History: 2023-11-17: last of 4 revisions; 2023-03-28: received
- Short URL: https://ia.cr/2023/451
- License: CC BY
BibTeX
@misc{cryptoeprint:2023/451,
      author = {Aniket Kate and Easwar Vivek Mangipudi and Pratyay Mukherjee and Hamza Saleem and Sri Aravinda Krishnan Thyagarajan},
      title = {Non-interactive VSS using Class Groups and Application to DKG},
      howpublished = {Cryptology ePrint Archive, Paper 2023/451},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/451}},
      url = {https://eprint.iacr.org/2023/451}
}