TY - GEN
T1 - The share size of secret-sharing schemes for almost all access structures and graphs
AU - Beimel, Amos
AU - Farràs, Oriol
N1 - Funding Information:
We also study graph secret-sharing schemes. In these schemes, the parties are vertices of a graph and a set can reconstruct the secret if and only if it contains an edge. Again, for this family there is a huge gap between the upper bounds – O(n/ log n) (Erdös and Pyber, Discrete Mathematics 1997) – and the lower bounds – Ω(log n) (van Dijk, Des. Codes Crypto. 1995). We show that for almost all graphs, the share size of each party is no(1). This result is achieved by using robust 2-server conditional disclosure of secrets protocols, a new primitive introduced and A. Beimel—This work was done while visiting Georgetown University, supported by NSF grant no. 1565387, TWC: Large: Collaborative: Computing Over Distributed Sensitive Data and also supported by ERC grant 742754 (project NTSC), by ISF grant 152/17, and by a grant from the Cyber Security Research Center at Ben-Gurion University of the Negev. O. Farràs—This work is supported by grant 2017 SGR 705 from the Government of Catalonia and grant RTI2018-095094-B-C21 “CONSENT” from the Spanish Government.
Publisher Copyright:
© International Association for Cryptologic Research 2020.
PY - 2020/1/1
Y1 - 2020/1/1
N2 - The share size of general secret-sharing schemes is poorly understood. The gap between the best known upper bound on the total share size per party of 20.64n (Applebaum et al., STOC 2020) and the best known lower bound of Ω (n/log n) (Csirmaz, J. of Cryptology 1997) is huge (where n is the number of parties in the scheme). To gain some understanding on this problem, we study the share size of secret-sharing schemes of almost all access structures, i.e., of almost all collections of authorized sets. This is motivated by the fact that in complexity, many times almost all objects are hardest (e.g., most Boolean functions require exponential size circuits). All previous constructions of secret-sharing schemes were for the worst access structures (i.e., all access structures) or for specific families of access structures. We prove upper bounds on the share size for almost all access structures. We combine results on almost all monotone Boolean functions (Korshunov, Probl. Kibern. 1981) and a construction of (Liu and Vaikuntanathan, STOC 2018) and conclude that almost all access structures have a secret-sharing scheme with share size 2O(√n). We also study graph secret-sharing schemes. In these schemes, the parties are vertices of a graph and a set can reconstruct the secret if and only if it contains an edge. Again, for this family there is a huge gap between the upper bounds – O(n/log n) (Erdös and Pyber, Discrete Mathematics 1997) – and the lower bounds – Ω (log n) (van Dijk, Des. Codes Crypto. 1995). We show that for almost all graphs, the share size of each party is no(1). This result is achieved by using robust 2-server conditional disclosure of secrets protocols, a new primitive introduced and constructed in (Applebaum et al., STOC 2020), and the fact that the size of the maximal independent set in a random graph is small. Finally, using robust conditional disclosure of secrets protocols, we improve the total share size for all very dense graphs.
AB - The share size of general secret-sharing schemes is poorly understood. The gap between the best known upper bound on the total share size per party of 20.64n (Applebaum et al., STOC 2020) and the best known lower bound of Ω (n/log n) (Csirmaz, J. of Cryptology 1997) is huge (where n is the number of parties in the scheme). To gain some understanding on this problem, we study the share size of secret-sharing schemes of almost all access structures, i.e., of almost all collections of authorized sets. This is motivated by the fact that in complexity, many times almost all objects are hardest (e.g., most Boolean functions require exponential size circuits). All previous constructions of secret-sharing schemes were for the worst access structures (i.e., all access structures) or for specific families of access structures. We prove upper bounds on the share size for almost all access structures. We combine results on almost all monotone Boolean functions (Korshunov, Probl. Kibern. 1981) and a construction of (Liu and Vaikuntanathan, STOC 2018) and conclude that almost all access structures have a secret-sharing scheme with share size 2O(√n). We also study graph secret-sharing schemes. In these schemes, the parties are vertices of a graph and a set can reconstruct the secret if and only if it contains an edge. Again, for this family there is a huge gap between the upper bounds – O(n/log n) (Erdös and Pyber, Discrete Mathematics 1997) – and the lower bounds – Ω (log n) (van Dijk, Des. Codes Crypto. 1995). We show that for almost all graphs, the share size of each party is no(1). This result is achieved by using robust 2-server conditional disclosure of secrets protocols, a new primitive introduced and constructed in (Applebaum et al., STOC 2020), and the fact that the size of the maximal independent set in a random graph is small. Finally, using robust conditional disclosure of secrets protocols, we improve the total share size for all very dense graphs.
UR - http://www.scopus.com/inward/record.url?scp=85098278549&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-64381-2_18
DO - 10.1007/978-3-030-64381-2_18
M3 - Conference contribution
AN - SCOPUS:85098278549
SN - 9783030643805
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 499
EP - 529
BT - Theory of Cryptography - 18th International Conference, TCC 2020, Proceedings
A2 - Pass, Rafael
A2 - Pietrzak, Krzysztof
PB - Springer Science and Business Media Deutschland GmbH
T2 - 18th International Conference on Theory of Cryptography, TCCC 2020
Y2 - 16 November 2020 through 19 November 2020
ER -