TY - GEN
T1 - Evolving ramp secret sharing with a small gap
AU - Beimel, Amos
AU - Othman, Hussien
N1 - Publisher Copyright:
© International Association for Cryptologic Research 2020.
PY - 2020/1/1
Y1 - 2020/1/1
N2 - Evolving secret-sharing schemes, introduced by Komargodski, Naor, and Yogev (TCC 2016b), are secret-sharing schemes in which there is no a-priory upper bound on the number of parties that will participate. The parties arrive one by one and when a party arrives the dealer gives it a share; the dealer cannot update this share when other parties arrive. Motivated by the fact that when the number of parties is known, ramp secret-sharing schemes are more efficient than threshold secret-sharing schemes, we study evolving ramp secret-sharing schemes. Specifically, we study evolving (b(j), g(j))-ramp secret-sharing schemes, where (Formula presented) are non-decreasing functions. In such schemes, any set of parties that for some j contains g(j) parties from the first parties that arrive can reconstruct the secret, and any set such that for every j contains less than b(j) parties from the first j parties that arrive cannot learn any information about the secret. We focus on the case that the gap is small, namely (Formula presented) for (Formula presented). We show that there is an evolving ramp secret-sharing scheme with gap (Formula presented), in which the share size of the j-th party is (Formula presented). Furthermore, we show that our construction results in much better share size for fixed values of β, i.e., there is an evolving ramp secret-sharing scheme with gap (Formula presented), in which the share size of the j-th party is (Formula presented). Our construction should be compared to the best known evolving g(j)-threshold secret-sharing schemes (i.e., when(Formula presented) in which the share size of the j-th party is O(j4. Thus, our construction offers a significant improvement for every constant β, showing that allowing a gap between the sizes of the authorized and unauthorized sets can reduce the share size. In addition, we present an evolving (k/2, k)-ramp secret-sharing scheme for a constant k (which can be very big), where any set of parties of size at least k can reconstruct the secret and any set of parties of size at most k/2 cannot learn any information about the secret. The share size of the j-th party in our construction is O(log k log j). This is an improvement over the best known evolving k-threshold secret-sharing schemes in which the share size of the j-th party is O(klog j).
AB - Evolving secret-sharing schemes, introduced by Komargodski, Naor, and Yogev (TCC 2016b), are secret-sharing schemes in which there is no a-priory upper bound on the number of parties that will participate. The parties arrive one by one and when a party arrives the dealer gives it a share; the dealer cannot update this share when other parties arrive. Motivated by the fact that when the number of parties is known, ramp secret-sharing schemes are more efficient than threshold secret-sharing schemes, we study evolving ramp secret-sharing schemes. Specifically, we study evolving (b(j), g(j))-ramp secret-sharing schemes, where (Formula presented) are non-decreasing functions. In such schemes, any set of parties that for some j contains g(j) parties from the first parties that arrive can reconstruct the secret, and any set such that for every j contains less than b(j) parties from the first j parties that arrive cannot learn any information about the secret. We focus on the case that the gap is small, namely (Formula presented) for (Formula presented). We show that there is an evolving ramp secret-sharing scheme with gap (Formula presented), in which the share size of the j-th party is (Formula presented). Furthermore, we show that our construction results in much better share size for fixed values of β, i.e., there is an evolving ramp secret-sharing scheme with gap (Formula presented), in which the share size of the j-th party is (Formula presented). Our construction should be compared to the best known evolving g(j)-threshold secret-sharing schemes (i.e., when(Formula presented) in which the share size of the j-th party is O(j4. Thus, our construction offers a significant improvement for every constant β, showing that allowing a gap between the sizes of the authorized and unauthorized sets can reduce the share size. In addition, we present an evolving (k/2, k)-ramp secret-sharing scheme for a constant k (which can be very big), where any set of parties of size at least k can reconstruct the secret and any set of parties of size at most k/2 cannot learn any information about the secret. The share size of the j-th party in our construction is O(log k log j). This is an improvement over the best known evolving k-threshold secret-sharing schemes in which the share size of the j-th party is O(klog j).
UR - http://www.scopus.com/inward/record.url?scp=85089997947&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-45721-1_19
DO - 10.1007/978-3-030-45721-1_19
M3 - Conference contribution
AN - SCOPUS:85089997947
SN - 9783030457204
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 529
EP - 555
BT - Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
A2 - Canteaut, Anne
A2 - Ishai, Yuval
PB - Springer
T2 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020
Y2 - 10 May 2020 through 14 May 2020
ER -