Paper 2025/525
Deniable Secret Sharing
Abstract
We introduce deniable secret sharing (DSS), which, analogously to deniable encryption, enables shareholders to produce fake shares that are consistent with a target “fake message”, regardless of the original secret. In contrast to deniable encryption, in a DSS scheme an adversary sees multiple shares, some of which might be real, and some fake. This makes DSS a more difficult task, especially in situations where the fake shares need to be generated by individual shareholders, without coordination with other shareholders.
We define several desirable properties for DSS, and show both positive and negative results for each. The strongest property is fake hiding, which is a natural analogy of deniability for encryption: given a complete set of shares, an adversary cannot determine whether any shares are fake. We show a construction based on Shamir secret sharing that achieves fake hiding as long as (1) the fakers are qualified (number
Metadata
- Available format(s)
-
PDF
- Category
- Foundations
- Publication info
- Preprint.
- Keywords
- secret sharingdeniability
- Contact author(s)
-
canetti @ bu edu
ivan @ cs au dk
sk @ cs au dk
d ravi @ uva nl
sophia yakoubov @ cs au dk - History
- 2025-03-21: approved
- 2025-03-20: received
- See all versions
- Short URL
- https://ia.cr/2025/525
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2025/525, author = {Ran Canetti and Ivan Damgård and Sebastian Kolby and Divya Ravi and Sophia Yakoubov}, title = {Deniable Secret Sharing}, howpublished = {Cryptology {ePrint} Archive, Paper 2025/525}, year = {2025}, url = {https://eprint.iacr.org/2025/525} }