Algebraic Geometric Secret Sharing Schemes and Secure Multi-Party Computations over Small Fields

We introduce algebraic geometric techniques in secret sharing and in secure multi-party computation (MPC) in particular. The main result is a linear secret sharing scheme (LSSS) defined over a finite field ${\mathbb F}_q$, with the following properties.

1. It is ideal. The number of players $n$ can be as large as $\#C({\mathbb F}_q)$, where $C$ is an algebraic curve of genus $g$ defined over ${\mathbb F}_q$.
2. It is quasi-threshold: it is $t$-rejecting and $(t+1+2g)$-accepting, but not necessarily $(t+1)$-accepting. It is thus in particular a ramp scheme. A high information rate can be achieved.
3. It has strong multiplication with respect to the $t$-threshold adversary structure if $t<\frac{1}{3}n-\frac{4}{3}g$. This is a multi-linear algebraic property of an LSSS that facilitates zero-error multi-party multiplication, unconditionally secure against corruption by an active $t$-adversary.
4. The finite field ${\mathbb F}_q$ can be dramatically smaller than $n$. This is achieved by using algebraic curves with many ${\mathbb F}_q$-rational points. For example, for each small enough $\epsilon$, there is a finite field ${\mathbb F}_q$ such that for infinitely many $n$ there is an LSSS over ${\mathbb F}_q$ with strong multiplication satisfying $(\frac{1}{3}- \epsilon) n\leq t < \frac{1}{3}n$.
5. Shamir's scheme, which requires $n>q$ and which has strong multiplication for $t<\frac{1}{3}n$, is the special case obtained by taking $g=0$.

Now consider the classical ("BGW") scenario of MPC unconditionally secure (with zero error probability) against an active $t$-adversary with $t<\frac{1}{3}n$, in a synchronous $n$-player network with secure channels. By known results it now follows that there exist MPC protocols in this scenario achieving the same communication complexities, in terms of the number of field elements exchanged in the network, as the known Shamir-based solutions. However, in return for decreasing corruption tolerance by a small $\epsilon$-fraction, $q$ may be dramatically smaller than $n$. This tolerance decrease is unavoidable due to properties of MDS codes. The techniques extend to other models of MPC. Results on less specialized LSSS can be obtained from more general coding theory arguments.
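As an added worked example (not from the paper), the genus-0 case of the construction: Shamir sharing over a small prime field, with the local share-wise multiplication that the strong-multiplication property relies on and the $2t+1$-share reconstruction of the product. The field size, player count and threshold are constructed values.

```python
# Shamir's scheme over F_q as the g=0 case of the LSSS in the abstract.
# Shares are evaluations of a random degree-<=t polynomial at distinct
# nonzero points of F_q, which is why the field must have more than n elements.
# Strong multiplication: the share-wise product f(i)*g(i) is (f*g)(i), a
# polynomial of degree <= 2t, so a*b is recovered from any 2t+1 correct shares.
# With t < n/3 the n-t honest players always hold at least 2t+1 of them.
import random

Q = 31          # constructed: the prime field F_31, so at most 30 players
N, T = 10, 3    # constructed: 10 players, threshold t=3 satisfies 3t < n

def strong_mult_possible(n, t, g=0):
    """Abstract's condition t < n/3 - 4g/3, in integer form (g=0: Shamir)."""
    return 3 * t < n - 4 * g

def poly_eval(coeffs, x, q=Q):
    """Horner evaluation of sum coeffs[i]*x^i over F_q (coeffs[0] is constant)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % q
    return acc

def share(secret, n=N, t=T, q=Q):
    """Return [(i, f(i))] for i=1..n, f random of degree <= t with f(0)=secret."""
    assert 0 < n < q, "need n distinct nonzero evaluation points in F_q"
    coeffs = [secret % q] + [random.randrange(q) for _ in range(t)]
    return [(i, poly_eval(coeffs, i, q)) for i in range(1, n + 1)]

def reconstruct(shares, q=Q):
    """Lagrange interpolation at x=0 over F_q from the given (x, y) pairs."""
    secret = 0
    for xj, yj in shares:
        num, den = 1, 1
        for xm, _ in shares:
            if xm != xj:
                num = num * (-xm) % q
                den = den * (xj - xm) % q
        secret = (secret + yj * num * pow(den, -1, q)) % q
    return secret

def multiply_shares(shares_a, shares_b, q=Q):
    """Local step: player i multiplies its two shares, obtaining (f*g)(i)."""
    return [(xa, ya * yb % q) for (xa, ya), (xb, yb) in zip(shares_a, shares_b)]

def product_from_shares(shares_a, shares_b, t=T, q=Q):
    """Recover a*b from a random subset of 2t+1 product shares (degree <= 2t)."""
    subset = random.sample(multiply_shares(shares_a, shares_b, q), 2 * t + 1)
    return reconstruct(subset, q)
```

Reconstructing the product from only t+1 shares would fail in general, since the product polynomial has degree up to 2t; that is exactly the gap the 2t+1 honest shares (and hence t < n/3) must cover.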
