The Torsion-Limit for Algebraic Function Fields and Its Application to Arithmetic Secret Sharing

An (n, t, d, n-t)-arithmetic secret sharing scheme (with uniformity) for F_{q^k} over F_q is an F_q-linear secret sharing scheme where the secret is selected from F_{q^k} and each of the n shares is an element of F_q. Moreover, there is t-privacy (in addition, any t shares are uniformly random in F_q^t) and, if one considers the d-fold "component-wise" product of any d sharings, then the d-fold component-wise product of the d respective secrets is (n - t)-wise uniquely determined by it. Such schemes are a fundamental primitive in information-theoretically secure multiparty computation. Perhaps counter-intuitively, secure multi-party computation is a very powerful primitive for communication-efficient two-party cryptography, as shown recently in a series of surprising results from 2007 on. Moreover, the existence of asymptotically good arithmetic secret sharing schemes plays a crucial role in their communication efficiency: for each d ≥ 2, if A(q) > 2d, where A(q) is Ihara's constant, then there exists an infinite family of such schemes over F_q such that n is unbounded, k = Ω(n) and t = Ω(n), as follows from a result at CRYPTO'06. Our main contribution is a novel paradigm for constructing asymptotically good arithmetic secret sharing schemes from towers of algebraic function fields. It is based on a new limit that, for a tower with a given Ihara limit and given positive integer l, gives information on the cardinality of the l-torsion subgroups of the associated degree-zero divisor class groups and that we believe is of independent interest. As an application of the bounds we obtain, we relax the condition A(q) > 2d from the CRYPTO'06 result substantially in terms of our torsion-limit. As a consequence, this result now holds over nearly all finite fields F_q. For example, if d = 2, it is sufficient that q = 8, 9 or q ≥ 16.
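As an added example that is not from the paper: the simplest instance of the definition above is Shamir sharing over a prime field F_p (so k = 1) with n = (d+1)t + 1. The d-fold component-wise product of d sharings is then a degree-dt sharing of the product of the secrets, which any n - t = dt + 1 shares determine uniquely. The prime p = 257, the sample secrets and the random seed are constructed for the demo.

```python
# Added example: Shamir sharing over F_p as an (n, t, d, n-t)-arithmetic
# secret sharing scheme with k = 1 and n = (d+1)*t + 1 (not the paper's
# function-field construction, which is what gives k = Omega(n)).
import random

P = 257  # constructed prime; must exceed n so that n distinct points exist


def share(secret, n, t, rng=random):
    """Share secret in F_p with a random polynomial f of degree <= t, f(0) = secret.
    Share i is f(i); because the t non-constant coefficients are uniform,
    any t shares are uniformly random in F_p^t (t-privacy with uniformity)."""
    coeffs = [secret % P] + [rng.randrange(P) for _ in range(t)]
    return [sum(c * pow(i, j, P) for j, c in enumerate(coeffs)) % P
            for i in range(1, n + 1)]


def reconstruct(points):
    """Lagrange interpolation of f(0) from (i, f(i)) pairs; needs deg(f)+1 points."""
    total = 0
    for i, yi in points:
        num, den = 1, 1
        for j, _ in points:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def product_sharing(sharings):
    """Component-wise product of d sharings: a sharing of the product of the
    secrets by a polynomial of degree <= d*t (coordinate-wise multiplication)."""
    out = []
    for i in range(len(sharings[0])):
        v = 1
        for s in sharings:
            v = v * s[i] % P
        out.append(v)
    return out


def demo(secrets, t, d, seed=1):
    """Share each secret, multiply the sharings component-wise, and recover the
    product of the secrets from an arbitrary subset of n - t = d*t + 1 shares."""
    rng = random.Random(seed)
    n = (d + 1) * t + 1
    sharings = [share(s, n, t, rng) for s in secrets]
    prod = product_sharing(sharings)
    subset = rng.sample(range(n), n - t)  # any n - t shares suffice
    return reconstruct([(i + 1, prod[i]) for i in subset])
```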
