Lossy Chains and Fractional Secret Sharing

Motivated by the goal of controlling the amount of work required to access a shared resource or to solve a cryptographic puzzle, we introduce and study the related notions of lossy chains and fractional secret sharing. Fractional secret sharing generalizes traditional secret sharing by allowing fine-grained control over the amount of uncertainty about the secret. More concretely, a fractional secret sharing scheme realizes a fractional access structure f : 2^{[n]} \to {0,...,m-1} by guaranteeing that, from the point of view of each set T \subseteq [n] of parties, the secret is uniformly distributed over a set of f(T) + 1 potential secrets. We show that every (monotone) fractional access structure can be realized. For symmetric structures, in which f(T) depends only on the size of T, we give an efficient construction with share size poly(n, log m). Our construction of fractional secret sharing schemes is based on the new notion of lossy chains, which may be of independent interest. A lossy chain is a Markov chain (X_0,...,X_n) which starts with a random secret X_0 and gradually loses information about it at a rate specified by a loss function g. Concretely, in every step t, X_0 conditioned on the value of X_t should always be uniformly distributed over a set of size g(t). We show how to construct such lossy chains efficiently for any possible loss function g, and prove that our construction achieves an optimal asymptotic information rate.
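The lossy-chain definition above can be checked exhaustively on a small instance. The following is an added example, not the paper's construction: it assumes a naive chain in which X_t is a candidate set of g(t) secrets containing X_0 and each step extends the set with uniformly chosen extra elements; the function names and the sample loss function are constructed for illustration.

```python
from collections import defaultdict
from fractions import Fraction
from itertools import combinations

def successors(state, size, m):
    """Equally likely next states: every superset of `state` with `size` elements."""
    rest = [x for x in range(m) if x not in state]
    return [state | frozenset(c) for c in combinations(rest, size - len(state))]

def joint_laws(g, m):
    """Exact joint law of (X_0, X_t) for each step t, as {t: {(x0, X_t): prob}}."""
    if g[0] != 1 or any(a > b for a, b in zip(g, g[1:])) or g[-1] > m:
        raise ValueError("need g(0) = 1, g nondecreasing, g(n) <= m")
    # X_0 is uniform over {0..m-1}; it is stored as the singleton candidate set {x0}.
    current = {(x, frozenset([x])): Fraction(1, m) for x in range(m)}
    laws = {0: current}
    for t in range(1, len(g)):
        nxt = defaultdict(Fraction)
        for (x0, state), p in current.items():
            succ = successors(state, g[t], m)   # depends on X_{t-1} only: Markov
            for s in succ:
                nxt[(x0, s)] += p / len(succ)
        current = dict(nxt)
        laws[t] = current
    return laws

def is_lossy_chain(g, m):
    """True iff X_0 given X_t = v is uniform over exactly g(t) secrets, for all t, v."""
    for t, joint in joint_laws(g, m).items():
        posterior = defaultdict(dict)
        for (x0, state), p in joint.items():
            posterior[state][x0] = p
        for weights in posterior.values():
            total = sum(weights.values())
            if len(weights) != g[t]:
                return False
            if any(p / total != Fraction(1, g[t]) for p in weights.values()):
                return False
    return True

if __name__ == "__main__":
    g = [1, 2, 3, 5]          # constructed loss function, m = 6 possible secrets
    print(is_lossy_chain(g, 6))
```

The number of possible states of this naive chain grows as the binomial coefficient C(m, g(t)), so it only illustrates the definition on toy parameters and says nothing about the efficient, rate-optimal construction the abstract refers to.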
