Function secret sharing (FSS) is a cryptographic primitive that is introduced by Boyle <italic>et al.</italic> (Eurocrypt 2015), motivated by application scenarios involving private access to large distributed data while minimising the overhead of communication, for example, private information retrieval. Informally, an <inline-formula> <tex-math notation="LaTeX">$n$ </tex-math></inline-formula>-party FSS scheme splits a function <inline-formula> <tex-math notation="LaTeX">$f$ </tex-math></inline-formula> into <inline-formula> <tex-math notation="LaTeX">$n$ </tex-math></inline-formula> functions <inline-formula> <tex-math notation="LaTeX">$f_{1},\ldots,f_{n}$ </tex-math></inline-formula> such that <inline-formula> <tex-math notation="LaTeX">$f=f_{1}+\cdots +f_{n}$ </tex-math></inline-formula> and every strict subset of the function shares hide <inline-formula> <tex-math notation="LaTeX">$f$ </tex-math></inline-formula>. Most of the known FSS constructions only have computational hiding, namely, the hiding property holds only against a computationally bounded adversary. We consider information-theoretic hiding in this work while allowing <inline-formula> <tex-math notation="LaTeX">$f$ </tex-math></inline-formula> to be recovered from <inline-formula> <tex-math notation="LaTeX">$t$ </tex-math></inline-formula> function shares and correspondingly, any <inline-formula> <tex-math notation="LaTeX">$(t-1)$ </tex-math></inline-formula> function shares unconditionally hide <inline-formula> <tex-math notation="LaTeX">$f$ </tex-math></inline-formula>. Call it <inline-formula> <tex-math notation="LaTeX">$(t,n)$ </tex-math></inline-formula>-threshold function secret sharing (<inline-formula> <tex-math notation="LaTeX">$(t,n)$ </tex-math></inline-formula>-TFSS for short). Using information-theoretic tools and through a series of optimizations, we show that our <inline-formula> <tex-math notation="LaTeX">$(t,n)$ </tex-math></inline-formula>-TFSS have better performance than FSS in terms of communication complexity, a criterion that measures the efficiency of such protocols. Specifically, a <inline-formula> <tex-math notation="LaTeX">$(t,n)$ </tex-math></inline-formula>-TFSS scheme with communication complexity <inline-formula> <tex-math notation="LaTeX">$O(l)$ </tex-math></inline-formula> is designed in this paper and it is better than the existing FSS schemes with lowest communication complexity <inline-formula> <tex-math notation="LaTeX">$O(\lambda l)$ </tex-math></inline-formula>, where <inline-formula> <tex-math notation="LaTeX">$\lambda $ </tex-math></inline-formula> is the length of pseudo-random generator’s seeds. In addition, the <inline-formula> <tex-math notation="LaTeX">$(t,n)$ </tex-math></inline-formula>-TFSS have an extra robustness property in the sense that even if up to <inline-formula> <tex-math notation="LaTeX">$(n-t)$ </tex-math></inline-formula> function shares are not available, the protocol still computes the function value at a given point correctly.
[1]
Leonid A. Levin,et al.
Pseudo-random Generation from one-way functions (Extended Abstracts)
,
1989,
STOC 1989.
[2]
Giulio Malavolta,et al.
Homomorphic Secret Sharing for Low Degree Polynomials
,
2018,
ASIACRYPT.
[3]
Yuval Ishai,et al.
Homomorphic Secret Sharing: Optimizations and Applications
,
2017,
CCS.
[4]
Frank Wang,et al.
Splinter: Practical Private Queries on Public Data
,
2017,
NSDI.
[5]
Yuval Ishai,et al.
Secure Computation with Preprocessing via Function Secret Sharing
,
2019,
IACR Cryptol. ePrint Arch..
[6]
Yuval Ishai,et al.
Function Secret Sharing: Improvements and Extensions
,
2016,
CCS.
[7]
Yuval Ishai,et al.
Function Secret Sharing
,
2015,
EUROCRYPT.
[8]
Adi Shamir,et al.
How to share a secret
,
1979,
CACM.
[9]
Niv Gilboa,et al.
Computationally private information retrieval (extended abstract)
,
1997,
STOC '97.
[10]
Elette Boyle,et al.
Homomorphic Secret Sharing from Lattices Without FHE
,
2019,
IACR Cryptol. ePrint Arch..
[11]
Leonid A. Levin,et al.
A Pseudorandom Generator from any One-way Function
,
1999,
SIAM J. Comput..
[12]
Rafail Ostrovsky,et al.
Private information storage (extended abstract)
,
1997,
STOC '97.
[13]
Eyal Kushilevitz,et al.
Private information retrieval
,
1995,
Proceedings of IEEE 36th Annual Foundations of Computer Science.
[14]
Xiao Li,et al.
(t,p)-Threshold Point Function Secret Sharing Scheme Based on Polynomial Interpolation and Its Application
,
2016,
2016 IEEE/ACM 9th International Conference on Utility and Cloud Computing (UCC).
[15]
Craig Gentry,et al.
Fully homomorphic encryption using ideal lattices
,
2009,
STOC '09.
[16]
Yuval Ishai,et al.
Breaking the Circuit Size Barrier for Secure Computation Under DDH
,
2016,
CRYPTO.
[17]
Thomas Plantard,et al.
Fully Homomorphic Encryption Using Hidden Ideal Lattice
,
2013,
IEEE Transactions on Information Forensics and Security.
[18]
Yuval Ishai,et al.
General constructions for information-theoretic private information retrieval
,
2005,
J. Comput. Syst. Sci..
[19]
Yuval Ishai,et al.
Distributed Point Functions and Their Applications
,
2014,
EUROCRYPT.