Communication Efficient Secret Sharing

A secret sharing scheme is a method to store information securely and reliably. In particular, in a threshold secret sharing scheme, a secret is encoded into n shares, such that any set of at least t1 shares suffices to decode the secret, and any set of at most t2 < t1 shares reveals no information about the secret. Assuming that each party holds a share and a user wishes to decode the secret by receiving information from a set of parties, the question we study is how to minimize the amount of communication between the user and the parties. We show that the necessary amount of communication, termed “decoding bandwidth”, decreases as the number of parties that participate in decoding increases. We prove a tight lower bound on the decoding bandwidth, and construct secret sharing schemes achieving the bound. In particular, we design a scheme that achieves the optimal decoding bandwidth when d parties participate in decoding, universally for all t1 ≤ d ≤ n. The scheme is based on a generalization of Shamir's secret sharing scheme and preserves its simplicity and efficiency. In addition, we consider the setting of secure distributed storage, where the proposed communication efficient secret sharing schemes not only improve decoding bandwidth but further improve disk access complexity during decoding.
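The threshold definition above, as an added example that is not code from the paper: a classic polynomial ramp scheme generalizing Shamir's, in which any t1 shares decode and any t2 shares are consistent with every possible secret. It is not the paper's communication efficient construction (decoding here always downloads t1 full shares for t1 − t2 secret symbols); the names `P`, `solve`, `encode`, `decode` and `explain` are assumptions made for this illustration.

```python
import secrets

P = 2**61 - 1  # prime modulus; assumption: any prime larger than n works

def solve(A, b):
    """Solve the square system A x = b over GF(P) by Gauss-Jordan elimination."""
    n = len(A)
    M = [row[:] + [v] for row, v in zip(A, b)]
    for c in range(n):
        piv = next(r for r in range(c, n) if M[r][c])  # Vandermonde rows: always found
        M[c], M[piv] = M[piv], M[c]
        inv = pow(M[c][c], -1, P)
        M[c] = [v * inv % P for v in M[c]]
        for r in range(n):
            if r != c and M[r][c]:
                f = M[r][c]
                M[r] = [(u - f * w) % P for u, w in zip(M[r], M[c])]
    return [row[n] for row in M]

def encode(secret, n, t1, t2):
    """Share t1 - t2 secret symbols among n parties; party x holds f(x), x = 1..n."""
    if not (0 <= t2 < t1 <= n < P and len(secret) == t1 - t2):
        raise ValueError("need t2 < t1 <= n and len(secret) == t1 - t2")
    # Low-order coefficients carry the secret, the top t2 are uniform randomness.
    coeffs = [s % P for s in secret] + [secrets.randbelow(P) for _ in range(t2)]
    return {x: sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
            for x in range(1, n + 1)}

def decode(shares, t1, t2):
    """Recover the secret from any t1 shares given as {x: f(x)}."""
    if len(shares) < t1:
        raise ValueError("fewer than t1 shares")
    pts = sorted(shares.items())[:t1]
    A = [[pow(x, i, P) for i in range(t1)] for x, _ in pts]
    return solve(A, [y for _, y in pts])[:t1 - t2]

def explain(shares, guess, t1, t2):
    """For exactly t2 shares and ANY candidate secret, return the random
    coefficients that make the candidate consistent with those shares."""
    k = t1 - t2
    pts = sorted(shares.items())
    A = [[pow(x, k + j, P) for j in range(t2)] for x, _ in pts]
    b = [(y - sum(s * pow(x, i, P) for i, s in enumerate(guess))) % P for x, y in pts]
    return solve(A, b)
```

Because `explain` succeeds for every candidate secret, a holder of t2 shares cannot rule out any secret, which is the secrecy condition stated in the abstract.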
