Optimal linear multiparty conditional disclosure of secrets protocols

Amos Beimel, Naty Peter

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Scopus citations

Abstract

In a k-party CDS protocol, each party sends one message to a referee (without seeing the other messages) such that the referee will learn a secret held by the parties if and only if the inputs of the parties satisfy some condition (e.g., if the inputs are all equal). This simple primitive is used to construct attribute based encryption, symmetrically-private information retrieval, priced oblivious transfer, and secret-sharing schemes for any access structure. Motivated by these applications, CDS protocols have been recently studied in many papers. In this work, we study linear CDS protocols, where each of the messages of the parties is a linear function of the secret and random elements taken from some finite field. Linearity is an important property of CDS protocols as many applications of CDS protocols required it. Our main result is a construction of linear k-party CDS protocols for an arbitrary function f : [N]k→ { 0,1} with messages of size O(N(k-1)/2) (a similar result was independently and in parallel proven by Liu et al. [27]). By a lower bound of Beimel et al. [TCC 2017], this message size is optimal. We also consider functions with few inputs that return 1, and design more efficient CDS protocols for them. CDS protocols can be used to construct secret-sharing schemes for uniform access structures, where for some k all sets of size less than k are unauthorized, all sets of size greater than k are authorized, and each set of size k can be either authorized or unauthorized. We show that our results imply that every k-uniform access structure with n parties can be realized by a linear secret-sharing scheme with share size min {(O(n/k))(k-1)/2,O(n · 2n/2)}. Furthermore, the linear k-party CDS protocol with messages of size O(N^(k-1)/2) was recently used by Liu and Vaikuntanathan [STOC 2018] to construct a linear secret-sharing scheme with share size O(20.999n) for any n-party access structure.

Original languageEnglish
Title of host publicationAdvances in Cryptology – ASIACRYPT 2018 - 24th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
EditorsThomas Peyrin, Steven Galbraith
PublisherSpringer Verlag
Pages332-362
Number of pages31
ISBN (Print)9783030033316
DOIs
StatePublished - 1 Jan 2018
Event24th Annual International Conference on Theory and Application of Cryptology and Information Security, ASIACRYPT 2018 - Brisbane, Australia
Duration: 2 Dec 20186 Dec 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11274 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference24th Annual International Conference on Theory and Application of Cryptology and Information Security, ASIACRYPT 2018
Country/TerritoryAustralia
CityBrisbane
Period2/12/186/12/18

Keywords

  • Conditional disclosure of secrets protocols
  • Secret-sharing schemes

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Optimal linear multiparty conditional disclosure of secrets protocols'. Together they form a unique fingerprint.

Cite this