Improving the round complexity of VSS in point-to-point networks

We revisit the following question: what is the optimal round complexity of verifiable secret sharing (VSS)? We focus here on the case of perfectly-secure VSS where the number of corrupted parties tsatisfies t< n/3, with nbeing the total number of parties. Work of Gennaro et al. (STOC 2001) and Fitzi et al. (TCC 2006) shows that, assuming a broadcast channel, 3 rounds are necessary and sufficient for efficient VSS. The efficient 3-round protocol of Fitzi et al., however, treats the broadcast channel as being available "for free" and does not attempt to minimize its usage. This approach leads to relatively poor round complexity when protocols are compiled for a point-to-point network. We show here a VSS protocol that is simultaneouslyoptimal in terms of both the number of rounds and the number of invocations of broadcast. Our protocol also has a certain "2-level sharing" property that makes it useful for constructing protocols for general secure computation.

[1]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[2]  C. Pandu Rangan,et al.  The Round Complexity of Verifiable Secret Sharing Revisited , 2009, CRYPTO.

[3]  Yehuda Lindell,et al.  Sequential composition of protocols without simultaneous termination , 2002, PODC '02.

[4]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[5]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[6]  Silvio Micali,et al.  Collective Coin Tossing Without Assumptions nor Broadcasting , 1990, CRYPTO.

[7]  K. Srinathan,et al.  Round-Optimal and Efficient Verifiable Secret Sharing , 2006, TCC.

[8]  Moti Yung,et al.  Perfectly secure message transmission , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[9]  Yuval Ishai,et al.  The round complexity of verifiable secret sharing and secure multicast , 2001, STOC '01.

[10]  Nancy A. Lynch,et al.  A Lower Bound for the Time to Assure Interactive Consistency , 1982, Inf. Process. Lett..

[11]  Ueli Maurer,et al.  General Secure Multi-party Computation from any Linear Secret-Sharing Scheme , 2000, EUROCRYPT.

[12]  Chiu Yuen Koo Studies on Fault-tolerant Broadcast and Secure Computation , 2007 .

[13]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[14]  Silvio Micali,et al.  An Optimal Probabilistic Protocol for Synchronous Byzantine Agreement , 1997, SIAM J. Comput..

[15]  C. Pandu Rangan,et al.  Probabilistic Verifiable Secret Sharing Tolerating Adaptive Adversary , 2008, IACR Cryptol. ePrint Arch..

[16]  G. R. BLAKLEY Safeguarding cryptographic keys , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[17]  Jonathan Katz,et al.  On Expected Constant-Round Protocols for Byzantine Agreement , 2006, CRYPTO.

[18]  Matthias Fitzi,et al.  Efficient player-optimal protocols for strong and differential consensus , 2003, PODC '03.

[19]  Jonathan Katz,et al.  Round-Efficient Secure Computation in Point-to-Point Networks , 2007, EUROCRYPT.

[20]  R. Cramer,et al.  Multiparty Computation, an Introduction , 2005 .