TY - GEN
T1 - Weakly-private secret sharing schemes
AU - Beimel, Amos
AU - Franklin, Matthew
PY - 2007/1/1
Y1 - 2007/1/1
N2 - Secret-sharing schemes are an important tool in cryptography that is used in the construction of many secure protocols. However, the shares' size in the best known secret-sharing schemes realizing general access structures is exponential in the number of parties in the access structure, making them impractical. On the other hand, the best lower bound known for sharing of an ℓ-bit secret with respect to an access structure with n parties is Ω(ℓn/log n) (Csirmaz, EUROCRYPT 94). No major progress on closing this gap has been obtained in the last decade. Faced by our lack of understanding of the share complexity of secret sharing schemes, we investigate a weaker notion of privacy in secrets sharing schemes where each unauthorized set can never rule out any secret (rather than not learn any "probabilistic" information on the secret). Such schemes were used previously to prove lower bounds on the shares' size of perfect secret-sharing schemes. Our main results is somewhat surprising upper-bounds on the shares' size in weakly-private schemes. - For every access structure, we construct a scheme for sharing an ℓ-bit secret with (ℓ + c)-bit shares, where c is a constant depending on the access structure (alas, c can be exponential in n). Thus, our schemes become more efficient as ℓ - the secret size - grows. For example, for the above mentioned access structure of Csirmaz, we construct a scheme with shares' size ℓ + n log n. - We construct efficient weakly-private schemes for threshold access structures for sharing a one bit secret. Most impressively, for the 2-out-of-n threshold access structure, we construct a scheme with 2-bit shares (compared to Ω(log n) in any perfect secret sharing scheme).
AB - Secret-sharing schemes are an important tool in cryptography that is used in the construction of many secure protocols. However, the shares' size in the best known secret-sharing schemes realizing general access structures is exponential in the number of parties in the access structure, making them impractical. On the other hand, the best lower bound known for sharing of an ℓ-bit secret with respect to an access structure with n parties is Ω(ℓn/log n) (Csirmaz, EUROCRYPT 94). No major progress on closing this gap has been obtained in the last decade. Faced by our lack of understanding of the share complexity of secret sharing schemes, we investigate a weaker notion of privacy in secrets sharing schemes where each unauthorized set can never rule out any secret (rather than not learn any "probabilistic" information on the secret). Such schemes were used previously to prove lower bounds on the shares' size of perfect secret-sharing schemes. Our main results is somewhat surprising upper-bounds on the shares' size in weakly-private schemes. - For every access structure, we construct a scheme for sharing an ℓ-bit secret with (ℓ + c)-bit shares, where c is a constant depending on the access structure (alas, c can be exponential in n). Thus, our schemes become more efficient as ℓ - the secret size - grows. For example, for the above mentioned access structure of Csirmaz, we construct a scheme with shares' size ℓ + n log n. - We construct efficient weakly-private schemes for threshold access structures for sharing a one bit secret. Most impressively, for the 2-out-of-n threshold access structure, we construct a scheme with 2-bit shares (compared to Ω(log n) in any perfect secret sharing scheme).
UR - http://www.scopus.com/inward/record.url?scp=38049002374&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-70936-7_14
DO - 10.1007/978-3-540-70936-7_14
M3 - Conference contribution
AN - SCOPUS:38049002374
SN - 9783540709350
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 253
EP - 272
BT - Theory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings
PB - Springer Verlag
T2 - 4th Theory of Cryptography Conference, TCC 2OO7
Y2 - 21 February 2007 through 24 February 2007
ER -