On Codes, Matroids, and Secure Multiparty Computation From Linear Secret-Sharing Schemes

Error-correcting codes and matroids have been widely used in the study of ordinary secret sharing schemes. In this paper, the connections between codes, matroids, and a special class of secret sharing schemes, namely, multiplicative linear secret-sharing schemes (LSSSs), are studied. Such schemes are known to enable multiparty computation protocols secure against general (nonthreshold) adversaries. Two open problems related to the complexity of multiplicative LSSSs are considered in this paper. The first one deals with strongly multiplicative LSSSs. As opposed to the case of multiplicative LSSSs, it is not known whether there is an efficient method to transform an LSSS into a strongly multiplicative LSSS for the same access structure with a polynomial increase of the complexity. A property of strongly multiplicative LSSSs that could be useful in solving this problem is proved. Namely, using a suitable generalization of the well-known Berlekamp-Welch decoder, it is shown that all strongly multiplicative LSSSs enable efficient reconstruction of a shared secret in the presence of malicious faults. The second one is to characterize the access structures of ideal multiplicative LSSSs. Specifically, the considered open problem is to determine whether all self-dual vector space access structures admit an ideal multiplicative LSSS. By the aforementioned connection, this in fact constitutes an open problem about matroid theory, since it can be restated in terms of representability of identically self-dual matroids by self-dual codes. A new concept is introduced, the flat-partition, that provides a useful classification of identically self-dual matroids. Uniform identically self-dual matroids, which are known to be representable by self-dual codes, form one of the classes. It is proved that this property also holds for the family of matroids that, in a natural way, is the next class in the above classification: the identically self-dual bipartite matroids.
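The threshold case makes the two properties in the abstract concrete. Shamir's scheme over GF(p) is a multiplicative LSSS when n >= 2t + 1 (the point-wise product of two sharings is a degree-2t sharing of the product of the secrets) and a strongly multiplicative one when n >= 3t + 1, and in that regime the plain Berlekamp-Welch decoder recovers the secret even if t parties hand in arbitrary shares. The block below is an added illustration of exactly that classical instance; it is not code from the paper, and it does not reproduce the paper's generalized decoder for arbitrary strongly multiplicative LSSSs. The prime P, threshold T, party count N and all function names are constructed choices for this example.

```python
"""Shamir sharing as a strongly multiplicative LSSS, with Berlekamp-Welch
reconstruction under malicious faults.  Added illustration, not the paper's
code: P, T and N are constructed choices."""
import random

P = 7919          # constructed prime; any prime larger than N works
T = 2             # at most T shares may be corrupted
N = 3 * T + 1     # Shamir is strongly multiplicative exactly when N >= 3T + 1


def inv(a):
    return pow(a % P, P - 2, P)


def poly_eval(coeffs, x):
    """coeffs low-to-high: c0 + c1*x + c2*x^2 + ... evaluated mod P."""
    return sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P


def share(secret, t=T, n=N, rng=random):
    """Shamir: random degree-t polynomial f with f(0) = secret; party i gets (i, f(i))."""
    f = [secret % P] + [rng.randrange(P) for _ in range(t)]
    return [(i, poly_eval(f, i)) for i in range(1, n + 1)]


def reconstruct(points):
    """Lagrange interpolation at x = 0 through len(points) points (no error tolerance)."""
    s = 0
    for xi, yi in points:
        num, den = 1, 1
        for xj, _ in points:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        s = (s + yi * num * inv(den)) % P
    return s


def multiply_shares(sh1, sh2):
    """Multiplicative property: point-wise products form a degree-2T sharing of s1*s2."""
    return [(x, y1 * y2 % P) for (x, y1), (_, y2) in zip(sh1, sh2)]


def corrupt(shares, bad_ids, rng=random):
    """Adversary replaces the shares of the parties in bad_ids with different values."""
    return [(x, (y + rng.randrange(1, P)) % P if x in bad_ids else y) for x, y in shares]


def solve_mod_p(A, b):
    """Gauss-Jordan over GF(P); one solution with free variables set to 0, or None."""
    M = [row[:] + [bi] for row, bi in zip(A, b)]
    m, nvars, pivots, r = len(M), len(A[0]), [], 0
    for c in range(nvars):
        piv = next((i for i in range(r, m) if M[i][c]), None)
        if piv is None:
            continue
        M[r], M[piv] = M[piv], M[r]
        iv = inv(M[r][c])
        M[r] = [v * iv % P for v in M[r]]
        for i in range(m):
            if i != r and M[i][c]:
                f = M[i][c]
                M[i] = [(vi - f * vr) % P for vi, vr in zip(M[i], M[r])]
        pivots.append(c)
        r += 1
        if r == m:
            break
    if any(M[i][-1] for i in range(r, m)):   # zero row with nonzero right-hand side
        return None
    x = [0] * nvars
    for i, c in enumerate(pivots):
        x[c] = M[i][-1]
    return x


def poly_divmod(num, den):
    """Long division over GF(P), coefficient lists low-to-high: (quotient, remainder)."""
    num, lead_inv = num[:], inv(den[-1])
    quo = [0] * (len(num) - len(den) + 1)
    for i in range(len(quo) - 1, -1, -1):
        quo[i] = num[i + len(den) - 1] * lead_inv % P
        for k, dk in enumerate(den):
            num[i + k] = (num[i + k] - quo[i] * dk) % P
    return quo, num[: len(den) - 1]


def berlekamp_welch(points, d=T, e=T):
    """Recover the degree-<=d polynomial through points when at most e of them are wrong.
    Unknowns: monic error locator E(x) = e0 + e1*x + ... + x^e and Q(x) of degree <= d+e
    with Q(x_i) = y_i * E(x_i) for every i; needs len(points) >= d + 2e + 1 (= 3T + 1
    here).  Returns (coefficients of f = Q / E, set of x-positions flagged as corrupted)."""
    if len(points) < d + 2 * e + 1:
        raise ValueError("not enough shares for Berlekamp-Welch")
    rows, rhs = [], []
    for x, y in points:
        rows.append([pow(x, k, P) for k in range(d + e + 1)]            # Q coefficients
                    + [(-y * pow(x, k, P)) % P for k in range(e)])      # e0 .. e_{e-1}
        rhs.append(y * pow(x, e, P) % P)                                # leading term of E
    sol = solve_mod_p(rows, rhs)
    if sol is None:
        raise ValueError("no (Q, E) pair: more than e shares are corrupted")
    Q, E = sol[: d + e + 1], sol[d + e + 1:] + [1]
    f, rem = poly_divmod(Q, E)
    if any(rem):
        raise ValueError("E does not divide Q: more than e shares are corrupted")
    return f, {x for x, _ in points if poly_eval(E, x) == 0}


if __name__ == "__main__":
    rng = random.Random(1)
    s1, s2 = 1234, 4321
    sh1, sh2 = share(s1, rng=rng), share(s2, rng=rng)
    print("product from 2T+1 product shares:", reconstruct(multiply_shares(sh1, sh2)[: 2 * T + 1]), "expected", s1 * s2 % P)
    f, bad = berlekamp_welch(corrupt(sh1, {2, 5}, rng))
    print("secret with T corrupted shares:", f[0], "flagged parties:", sorted(bad))
```

The bound is tight in the way the abstract's result needs: with N = 3T + 1 parties the decoder has exactly d + 2e + 1 equations for a degree-T sharing, so T lies are corrected, but the degree-2T product sharing only tolerates errors when N >= 4T + 1, which is why the paper's statement concerns reconstruction of the shared secret rather than of a product. Two practical caveats: if fewer than T shares are wrong the error locator has a spare root and the flagged set may name an innocent party, so only the recovered polynomial, not the set, should be trusted; and with more than T corruptions the decoder may return a consistent-looking wrong polynomial without raising, so the cheater bound has to be enforced by the protocol, not detected after the fact.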
