Improved Threshold Signatures, Proactive Secret Sharing, and Input Certification from LSS Isomorphisms

In this paper we present the concept of linear secret-sharing homomorphisms: linear transformations between different secret-sharing schemes defined over vector spaces over a field F that allow for efficient multiparty conversion from one secret-sharing scheme to the other. This concept generalizes the observation from (Smart and Talibi, IMACC 2019) and (Dalskov et al., ESORICS 2020) that moving from a secret-sharing scheme over F_p to a secret sharing over an elliptic curve group G of order p can be done non-interactively by multiplying each share onto a generator of G. We generalize this idea and show that it can also be used to compute arbitrary bilinear maps, and in particular pairings over elliptic curves. We present several practical applications of our techniques. First, we show how to securely realize the Pointcheval-Sanders signature scheme (CT-RSA 2016) in MPC. Second, we present a construction for dynamic proactive secret sharing which outperforms the current state of the art from CCS 2019. Third, we present a construction for MPC input certification using digital signatures which we show experimentally to outperform the previous best solution in this area.
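As an added illustration (not code from the paper), the following toy Python shows the share-conversion idea the abstract describes: parties hold Shamir shares over F_p, each one locally maps its share onto a generator of a group of order p, and the usual Lagrange reconstruction then works unchanged inside the group. The group here is a constructed toy (the order-11 subgroup of Z_23^*, written multiplicatively) standing in for the elliptic curve group of the paper.

```python
# Added example, not code from the paper: Shamir shares over F_p lifted locally into a
# cyclic group of prime order p, then reconstructed "in the exponent". Toy parameters
# (constructed): p = 11, q = 23 = 2p+1, g = 2 of order p in Z_q^*; written multiplicatively.
import random

P = 11  # order of the field F_p and of the group G
Q = 23  # modulus of the ambient group Z_q^*
G = 2   # generator of the subgroup of order P
assert pow(G, P, Q) == 1 and G != 1

def shamir_share(secret, t, n, rng=random):
    """Degree-t Shamir sharing of `secret` in F_p; returns [(i, f(i))] for i = 1..n."""
    coeffs = [secret % P] + [rng.randrange(P) for _ in range(t)]
    return [(i, sum(c * pow(i, k, P) for k, c in enumerate(coeffs)) % P)
            for i in range(1, n + 1)]

def lagrange_at_zero(xs):
    """Lagrange coefficients lambda_i for recovering f(0) from evaluation points xs."""
    lams = []
    for i in xs:
        num, den = 1, 1
        for j in xs:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        lams.append(num * pow(den, P - 2, P) % P)
    return lams

def lift_share(share):
    """The LSS homomorphism F_p -> G: each party maps its own share locally, no messages."""
    i, s = share
    return (i, pow(G, s, Q))

def reconstruct_field(shares):
    xs = [i for i, _ in shares]
    return sum(lam * s for lam, (_, s) in zip(lagrange_at_zero(xs), shares)) % P

def reconstruct_group(group_shares):
    """Same linear reconstruction applied in G: prod (g^{s_i})^{lambda_i} = g^{f(0)}."""
    xs = [i for i, _ in group_shares]
    out = 1
    for lam, (_, h) in zip(lagrange_at_zero(xs), group_shares):
        out = out * pow(h, lam, Q) % Q
    return out

def demo(secret=7, t=2, n=5, seed=1):
    rng = random.Random(seed)
    shares = shamir_share(secret, t, n, rng)
    lifted = [lift_share(sh) for sh in shares]
    # any t+1 lifted shares recover g^secret; the field secret itself is never opened
    return reconstruct_field(shares[:t + 1]), reconstruct_group(lifted[-(t + 1):])
```

The lifted shares form a valid linear sharing of g^secret, so linear operations on them (sums, public scalar multiples) still commute with reconstruction, which is what lets the paper move threshold signing and pairing evaluation into the group without extra rounds.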

[1] Kannan Balasubramanian et al. Secure Multiparty Computation, 2011, Encyclopedia of Cryptography and Security.

[2] Adi Shamir et al. How to share a secret, 1979, CACM.

[3] Razvan Barbulescu et al. Extended Tower Number Field Sieve: A New Complexity for the Medium Prime Case, 2016, CRYPTO.

[4] Jan Camenisch et al. Signature Schemes and Anonymous Credentials from Bilinear Maps, 2004, CRYPTO.

[5] Dan Boneh et al. Short Signatures Without Random Oracles, 2004, EUROCRYPT.

[6] Judit Bar-Ilan et al. Non-cryptographic fault-tolerant computing in constant number of rounds of interaction, 1989, PODC '89.

[7] Marcel Keller et al. Practical Covertly Secure MPC for Dishonest Majority - Or: Breaking the SPDZ Limits, 2013, ESORICS.

[8] Rafail Ostrovsky et al. How to withstand mobile virus attacks, revisited, 2014, PODC '14.

[9] Ran Canetti et al. UC Non-Interactive, Proactive, Threshold ECDSA with Identifiable Aborts, 2020, CCS.


[11] Vipul Goyal et al. Malicious Security Comes Free in Honest-Majority MPC, 2020, IACR Cryptol. ePrint Arch.

[12] Hugo Krawczyk et al. Proactive Secret Sharing Or: How to Cope With Perpetual Leakage, 1995, CRYPTO.

[13] Andrew Chi-Chih Yao et al. Protocols for Secure Computations (Extended Abstract), 1982, FOCS.

[14] Alfred Menezes et al. Challenges with Assessing the Impact of NFS Advances on the Security of Pairing-Based Cryptography, 2016, Mycrypt.

[15] Nigel P. Smart et al. Distributing Any Elliptic Curve Based Protocol, 2019, IMACC.

[16] Markus Jakobsson et al. Proactive public key and signature systems, 1997, CCS '97.

[17] Silvio Micali et al. A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks, 1988, SIAM J. Comput.

[18] Tal Rabin et al. Secure distributed storage and retrieval, 1997, Theor. Comput. Sci.

[19] Aner Ben-Efraim et al. Common information, matroid representation, and secret sharing for matroid ports, 2021, Des. Codes Cryptogr.

[20] Ran Canetti et al. UC Non-Interactive, Proactive, Threshold ECDSA, 2020, IACR Cryptol. ePrint Arch.

[21] Moses D. Liskov et al. Mobile proactive secret sharing, 2008, PODC '08.

[22] Marcel Keller et al. Securing DNSSEC Keys via Threshold ECDSA from Generic MPC, 2020, ESORICS.

[23] Dragos Rotaru et al. Maliciously Secure Matrix Multiplication with Applications to Private Deep Learning, 2020, IACR Cryptol. ePrint Arch.

[24] Yehuda Lindell et al. High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority, 2016, IACR Cryptol. ePrint Arch.

[25] Marcel Keller et al. Secure Evaluation of Quantized Neural Networks, 2019, IACR Cryptol. ePrint Arch.

[26] Donald Beaver et al. Efficient Multiparty Protocols Using Circuit Randomization, 1991, CRYPTO.

[27] Eli Ben-Sasson et al. Zerocash: Decentralized Anonymous Payments from Bitcoin, 2014, 2014 IEEE Symposium on Security and Privacy.

[28] Ivan Damgård et al. Scalable and Unconditionally Secure Multiparty Computation, 2007, CRYPTO.

[29] Ian Goldberg et al. Constant-Size Commitments to Polynomials and Their Applications, 2010, ASIACRYPT.

[30] Dawn Xiaodong Song et al. CHURP: Dynamic-Committee Proactive Secret Sharing, 2019, IACR Cryptol. ePrint Arch.

[31] Rafail Ostrovsky et al. How to withstand mobile virus attacks (extended abstract), 1991, PODC '91.

[32] Brent Waters et al. Attribute-based encryption for fine-grained access control of encrypted data, 2006, CCS '06.

[33] Ignacio Cascudo et al. Amortized Complexity of Information-Theoretically Secure MPC Revisited, 2018, IACR Cryptol. ePrint Arch.

[34] Rosario Gennaro et al. Publicly verifiable delegation of large polynomials and matrix computations, with applications, 2012, IACR Cryptol. ePrint Arch.

[35] Antoine Joux et al. Injective Encodings to Elliptic Curves, 2013, ACISP.

[36] Marcel Keller et al. Securing DNSSEC Keys via Threshold ECDSA From Generic MPC, 2020, IACR Cryptol. ePrint Arch.

[37] Carles Padró et al. Multi-linear Secret-Sharing Schemes, 2014, TCC.

[38] Yihua Zhang et al. Enforcing Input Correctness via Certification in Garbled Circuit Evaluation, 2017, ESORICS.

[39] Ueli Maurer et al. General Secure Multi-party Computation from any Linear Secret-Sharing Scheme, 2000, EUROCRYPT.

[40] Yuval Ishai et al. Share Conversion, Pseudorandom Secret-Sharing and Applications to Secure Computation, 2005, TCC.

[41] Marina Blanton et al. Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation, 2016, IACR Cryptol. ePrint Arch.

[42] Daniel Noble et al. Secure Computation over Lattices and Elliptic Curves, 2020, IACR Cryptol. ePrint Arch.

[43] David Pointcheval et al. Short Randomizable Signatures, 2016, CT-RSA.

[44] Melissa Chase et al. Algebraic MACs and Keyed-Verification Anonymous Credentials, 2014, CCS.

[45] Marina Blanton et al. Improved Signature Schemes for Secure Multi-party Computation with Certified Inputs, 2018, ESORICS.

[46] Rafail Ostrovsky et al. Communication-Optimal Proactive Secret Sharing for Dynamic Groups, 2015, ACNS.

[47] Alex J. Malozemoff et al. Efficiently Enforcing Input Validity in Secure Two-party Computation, 2016, IACR Cryptol. ePrint Arch.

[48] Chris Peikert. On Error Correction in the Exponent, 2005, IACR Cryptol. ePrint Arch.

[49] Melissa Chase et al. The Signal Private Group System and Anonymous Credentials Supporting Efficient Verifiable Encryption, 2020, IACR Cryptol. ePrint Arch.

[50] Madhu Sudan et al. Highly Resilient Correctors for Polynomials, 1992, Inf. Process. Lett.

[51] Yi Mu et al. Constant-Size Dynamic k-TAA, 2006, SCN.

[52] Victor Shoup et al. Practical Threshold Signatures, 2000, EUROCRYPT.


[54] Paul Feldman et al. A practical scheme for non-interactive verifiable secret sharing, 1987, 28th Annual Symposium on Foundations of Computer Science (SFCS 1987).