Paper 2024/876

Distributing Keys and Random Secrets with Constant Complexity

Benny Applebaum, Tel Aviv University
Benny Pinkas, Aptos Labs and Bar Ilan University
Abstract

In the *Distributed Secret Sharing Generation* (DSG) problem $n$ parties wish to obliviously sample a secret-sharing of a random value $s$ taken from some finite field, without letting any of the parties learn $s$. *Distributed Key Generation* (DKG) is a closely related variant of the problem in which, in addition to their private shares, the parties also generate a public ``commitment'' $g^s$ to the secret. Both DSG and DKG are central primitives in the domain of secure multiparty computation and threshold cryptography. In this paper, we study the communication complexity of DSG and DKG. Motivated by large-scale cryptocurrency and blockchain applications, we ask whether it is possible to obtain protocols in which the communication per party is a constant that does not grow with the number of parties. We answer this question to the affirmative in a model where broadcast communication is implemented via a public bulletin board (e.g., a ledger). Specifically, we present a constant-round DSG/DKG protocol in which the number of bits that each party sends/receives from the public bulletin board is a constant that depends only on the security parameter and the field size but does not grow with the number of parties $n$. In contrast, in all existing solutions at least some of the parties send $\Omega(n)$ bits. Our protocol works in the near-threshold setting. Given arbitrary privacy/correctness parameters $0<\tau_p<\tau_c<1$, the protocol tolerates up to $\tau_p n$ actively corrupted parties and delivers shares of a random secret according to some $\tau_p n$-private $\tau_c n$-correct secret sharing scheme, such that the adversary cannot bias the secret or learn anything about it. The protocol is based on non-interactive zero-knowledge proofs, non-interactive commitments and a novel secret-sharing scheme with special robustness properties that is based on Low-Density Parity-Check codes. As a secondary contribution, we extend the formal MPC-based treatment of DKG/DSG, and study new aspects of Affine Secret Sharing Schemes.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A major revision of an IACR publication in TCC 2024
Keywords
secret sharingdistributed key generation
Contact author(s)
benny applebaum @ gmail com
benny @ pinkas net
History
2024-09-22: revised
2024-06-02: received
See all versions
Short URL
https://ia.cr/2024/876
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/876,
      author = {Benny Applebaum and Benny Pinkas},
      title = {Distributing Keys and Random Secrets with Constant Complexity},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/876},
      year = {2024},
      url = {https://eprint.iacr.org/2024/876}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.