Bounded Collusion Protocols, Cylinder-Intersection Extractors and Leakage-Resilient Secret Sharing

In this work we study bounded collusion protocols (BCPs), recently introduced in the context of secret sharing by Kumar, Meka, and Sahai (FOCS 2019). These are multi-party communication protocols on n parties where in each round a subset of p parties (the collusion bound) collude together and write a function of their inputs on a public blackboard. BCPs interpolate elegantly between the well-studied number-in-hand (NIH) model (p = 1) and the number-on-forehead (NOF) model (p = n − 1). Motivated by questions in communication complexity, secret sharing, and pseudorandomness, we investigate BCPs more thoroughly, answering several questions about them.

• We prove a polynomial (in the input length) lower bound for an explicit function against BCPs where any constant fraction of players can collude. Previously, nontrivial lower bounds were known only when the collusion bound was at most logarithmic in the input length (owing to bottlenecks in NOF lower bounds).

• For all t ≤ n, we construct efficient t-out-of-n secret sharing schemes where the secret remains hidden even given the transcript of a BCP with collusion bound O(t / log t). Prior work could only handle collusions of size O(log n). Along the way, we construct leakage-resilient schemes against disjoint and adaptive leakage, resolving a question asked by Goyal and Kumar (STOC 2018).

• An explicit n-source cylinder intersection extractor whose output is close to uniform even when given the transcript of a BCP with a constant fraction of parties colluding. The min-entropy rate we require is 0.3 (independent of the collusion bound p ≤ n).

Our results rely on a new class of exponential sums that interpolate between the ones considered in additive combinatorics by Bourgain (Geometric and Functional Analysis 2009) and Petridis and Shparlinski (Journal d'Analyse Mathématique 2019).

∗ a@ashutoshk.com, UCLA. Supported by NSF grants CCF-1553605 and 1619348 and US-Israel BSF grant 2012366.
† raghum@cs.ucla.edu, UCLA. Supported by NSF Grant CCF-1553605.
‡ diz@cs.utexas.edu, UT Austin. Supported by NSF Grant CCF-1705028 and a Simons Investigator Award (#409864).
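The BCP model above can be made concrete on a toy scale. The following added example (not code from the paper or its authors) models a BCP transcript over Shamir shares in a small prime field and measures, by exhaustive enumeration of the sharing randomness, how much the transcript reveals about the secret. It shows that a collusion of p = t − 1 parties writing whole shares learns nothing, while a NIH protocol (p = 1) in which every party writes one bit of its share already biases the transcript, which is the kind of leakage that motivates the leakage-resilient constructions in the paper. The field size P, the parameters n = 3, t = 2 and the leakage functions are assumptions chosen for illustration.

```python
from itertools import product

P = 7  # tiny prime field so all sharing randomness can be enumerated (constructed choice)


def shamir_share(secret, n, t, coeffs):
    """Share `secret` among n parties with threshold t; share i is f(i) for
    f(x) = secret + coeffs[0]*x + ... + coeffs[t-2]*x^(t-1) over GF(P)."""
    return [(secret + sum(c * pow(i, k + 1, P) for k, c in enumerate(coeffs))) % P
            for i in range(1, n + 1)]


def transcript(shares, rounds):
    """One BCP execution: in each round a subset S of parties (|S| <= p) writes
    g(shares restricted to S) on the public blackboard."""
    return tuple(g(tuple(shares[i] for i in S)) for S, g in rounds)


def transcript_dist(secret, n, t, rounds):
    """Exact distribution of the transcript over all choices of the sharing polynomial."""
    counts = {}
    for coeffs in product(range(P), repeat=t - 1):
        tr = transcript(shamir_share(secret, n, t, coeffs), rounds)
        counts[tr] = counts.get(tr, 0) + 1
    total = P ** (t - 1)
    return {k: v / total for k, v in counts.items()}


def stat_distance(d0, d1):
    """Statistical (total variation) distance between two transcript distributions."""
    return sum(abs(d0.get(k, 0) - d1.get(k, 0)) for k in set(d0) | set(d1)) / 2


def max_leakage(n, t, rounds):
    """Largest distinguishing advantage between any two secrets given the transcript."""
    dists = [transcript_dist(s, n, t, rounds) for s in range(P)]
    return max(stat_distance(dists[a], dists[b])
               for a in range(P) for b in range(a + 1, P))


# Round schedules (constructed). Subsets are 0-based party indices.
# (a) One colluding party (p = t - 1 = 1) publishes its entire share.
FULL_SHARE_COLLUSION = [((0,), lambda x: x[0])]
# (b) NIH (p = 1) protocol: each of the 3 parties publishes the parity of its share.
NIH_ONE_BIT = [((i,), lambda x: x[0] % 2) for i in range(3)]

if __name__ == "__main__":
    print("p = t-1 full share:", max_leakage(3, 2, FULL_SHARE_COLLUSION))  # 0.0
    print("NIH, 1 bit/party:  ", max_leakage(3, 2, NIH_ONE_BIT))          # > 0
```

The parity-leak schedule writes only 3 bits in total, fewer than one share, yet the transcript distributions for different secrets are measurably different, so threshold hiding alone does not imply resilience to BCP leakage.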
