Function secret sharing

Elette Boyle, Niv Gilboa, Yuval Ishai

    Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

    200 Scopus citations

    Abstract

    Motivated by the goal of securely searching and updating distributed data, we introduce and study the notion of function secret sharing (FSS). This new notion is a natural generalization of distributed point functions (DPF), a primitive that was recently introduced by Gilboa and Ishai (Eurocrypt 2014). Given a positive integer p ≥ 2 and a class F of functions f: {0, 1}n → (image found), where (image found) is an Abelian group, a p-party FSS scheme for F allows one to split each f ∈ F into p succinctly described functions fi: {0, 1}n →(image found), 1 ≤ i ≤ p, such that: (1) ∑p i=1 fi = f, and (2) any strict subset of the fi hides f. Thus, an FSS for F can be thought of as method for succinctly performing an “additive secret sharing” of functions from F. The original definition of DPF coincides with a twoparty FSS for the class of point functions, namely the class of functions that have a nonzero output on at most one input. We present two types of results. First, we obtain efficiency improvements and extensions of the original DPF construction. Then, we initiate a systematic study of general FSS, providing some constructions and establishing relations with other cryptographic primitives. More concretely, we obtain the following main results: – Improved DPF. We present an improved (two-party) DPF construction from a pseudorandom generator (PRG), reducing the length of the key describing each fi from O(λ ・ nlog2 3) to O(λn), where λ is the PRG seed length. – Multi-party DPF. We present the first nontrivial construction of a p-party DPF for p ≥ 3, obtaining a near-quadratic improvement over a naive construction that additively shares the truth-table of f. This constrcution too can be based on any PRG. – FSS for simple functions. We present efficient PRG-based FSS constructions for natural function classes that extend point functions, including interval functions and partial matching functions. – A study of general FSS. We show several relations between general FSS and other cryptographic primitives. These include a construction of general FSS via obfuscation, an indication for the implausibility of constructing general FSS from weak cryptographic assumptions such as the existence of one-way functions, a completeness result, and a relation with pseudorandom functions.

    Original languageEnglish
    Title of host publicationAdvances in Cryptology - 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2015, Proceedings
    EditorsMarc Fischlin, Elisabeth Oswald
    PublisherSpringer Verlag
    Pages337-367
    Number of pages31
    ISBN (Print)9783662468029
    DOIs
    StatePublished - 1 Jan 2015
    Event34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Eurocrypt 2015 - Sofia, Bulgaria
    Duration: 26 Apr 201530 Apr 2015

    Publication series

    NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Volume9057
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    Conference34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Eurocrypt 2015
    Country/TerritoryBulgaria
    CitySofia
    Period26/04/1530/04/15

    ASJC Scopus subject areas

    • Theoretical Computer Science
    • General Computer Science

    Fingerprint

    Dive into the research topics of 'Function secret sharing'. Together they form a unique fingerprint.

    Cite this