Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

Broadcast (and Round) Efficient Verifiable Secret Sharing

  • Conference paper
  • First Online:
Information Theoretic Security (ICITS 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8317))

Included in the following conference series:

Abstract

Verifiable secret sharing (VSS) is a fundamental cryptographic primitive, lying at the core of secure multi-party computation (MPC) and, as the distributed analogue of a commitment functionality, used in numerous applications. In this paper we focus on unconditionally secure VSS protocols with honest majority.

In this setting it is typically assumed that parties are connected pairwise by authenticated, private channels, and that in addition they have access to a “broadcast” channel. Because broadcast cannot be simulated on a point-to-point network when a third or more of the parties are corrupt, it is impossible to construct VSS (and more generally, MPC) protocols in this setting without using a broadcast channel (or some equivalent addition to the model).

A great deal of research has focused on increasing the efficiency of VSS, primarily in terms of round complexity. In this work we consider a refinement of the round complexity of VSS, by adding a measure we term broadcast complexity. We view the broadcast channel as an expensive resource and seek to minimize the number of rounds in which it is invoked as well.

We construct a (linear) VSS protocol which uses the broadcast channel only twice in the sharing phase, while running in an overall constant number of rounds.

The unabridged version of this paper appears in [GGOR13].

Clint Givens is supported in part by NSF grants 0830803, 09165174, 1065276, 1118126 and 1136174, US-Israel BSF grant 2008411, OKAWA Foundation Research Award, IBM Faculty Research Award, Xerox Faculty Research Award, B. John Garrick Foundation Award, Teradata Research Award, and Lockheed-Martin Corporation Research Award. This material is based upon work supported by the Defense Advanced Research Projects Agency through the U.S. Office of Naval Research under Contract N00014-11-1-0392. The views expressed are those of the author and do not reflect the official policy or position of the Department of Defense or the U.S. Government.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Trouble comes, however, when analyzing round complexity: as observed in [KK07, Koo07, KKK08], Byzantine agreement is round-expensive, and the compilation from black-box broadcast to simulated broadcast blows up the number of rounds substantially.

  2. 2.

    As this discussion suggests, it may happen that \(D\) broadcasts an honest party’s shares in step 9; this can only happen if \(\mathcal {A}\) succeeds in an IC forgery attempt (hence with negligible probability). As a consequence, our protocol achieves statistical but not perfect privacy. On the other hand, privacy is perfect conditioned on the event that \(\mathcal {A}\) is unsuccessful in all forgery attempts, as a failed forgery by itself reveals nothing about \(s\).

  3. 3.

    We note that in the description of the compilation from [KK06] gradecast with grades in \(\{0,1,2\}\) is used. Here we use gradecast with grades in \(\{0,1\}\) because during the compilation it is only required to distinguish the maximal grade from all other grades (so we put maximal grade to 1 instead of 2).

References

  1. Ben-Sasson, E., Fehr, S., Ostrovsky, R.: Near-linear unconditionally-secure multiparty computation with a dishonest minority. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 663–680. Springer, Heidelberg (2012)

    Google Scholar 

  2. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the 20th Annual ACM Symposium of the Theory of Computation, pp. 1–10, May 1988

    Google Scholar 

  3. Baum-Waidner, B., Pfitzmann, B., Waidner, M.: Unconditional byzantine agreement with good majority. In: Jantzen, M., Choffrut, C. (eds.) STACS 1991. LNCS, vol. 480, pp. 285–295. Springer, Heidelberg (1991)

    Google Scholar 

  4. Beerliová-Trubíniová, Z., Hirt, M., Riser, M.: Efficient Byzantine agreement with faulty minority. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 393–409. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  5. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols. In: Proceedings 20th Annual Symposium on Theory of Computing, STOC. Association for Computing Machinery, May 1988

    Google Scholar 

  6. Cramer, R., Damgård, I., Dziembowski, S., Hirt, M., Rabin, T.: Efficient multiparty computations secure against an adaptive adversary. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 311–326. Springer, Heidelberg (1999)

    Google Scholar 

  7. Chor, B., Goldwasser, S., Micali, S., Awerbuch, B.: Verifiable secret sharing and achieving simultaneity in the presence of faults. In: Proceedings of Twenty Sixth IEEE Symposium in Foundations of Computer Science, pp. 383–395 (1985)

    Google Scholar 

  8. Dolev, D., Dwork, C., Waarts, O., Yung, M.: Perfectly secure message transmission. J. ACM 1(40), 17–47 (1993)

    Article  MathSciNet  Google Scholar 

  9. Dolev, D.: The Byzantine generals strike again. J. Algorithms 3, 14–30 (1982)

    Article  MATH  MathSciNet  Google Scholar 

  10. Dwork, C., Peleg, D., Pippenger, N., Upfal, E.: Fault tolerance in networks of bounded degree (preliminary version). In: Proceedings of the Eighteenth Annual ACM Symposium on Theory of Computing, STOC, Berkeley, California, USA, pp. 370–379, 28–30 May 1986

    Google Scholar 

  11. Dolev, D., Strong, H.: Authenticated algorithms for Byzantine agreement. SIAM J. Comput. 12(4), 656–666 (1983)

    Article  MATH  MathSciNet  Google Scholar 

  12. Fitzi, M., Garay, J., Gollakota, S., Pandu Rangan, C., Srinathan, K.: Round-optimal and efficient verifiable secret sharing. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 329–342. Springer, Heidelberg (2006)

    Google Scholar 

  13. Fitzi, M., Gottesman, D., Hirt, M., Holenstein, T., Smith, A.: Detectable byzantine agreement secure against faulty majorities. In: Proceedings of the Twenty-First Annual Symposium on Principles of Distributed Computing, PODC ’02, pp. 118–126. ACM, New York (2002)

    Google Scholar 

  14. Fitzi, M., Gisin, N., Maurer, U., von Rotz, O.: Unconditional Byzantine agreement and multi-party computation secure against dishonest minorities from scratch. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 482–501. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  15. Fitzi, M., Hirt, M.: Optimally efficient multi-valued Byzantine agreement. In: Proceedings of the Twenty-Fifth Annual ACM Symposium on Principles of Distributed Computing, PODC ’06, pp. 163–168. ACM, New York (2006)

    Google Scholar 

  16. Fitzi, M.: Generalized communication and security models in Byzantine agreement. Ph.D. thesis, ETH Zurich, March 2003; Reprint as vol. 4 of ETH Series in Information Security and Cryptography. Hartung-Gorre Verlag, Konstanz (2003). ISBN 3-89649-853-3

    Google Scholar 

  17. Feldman, P., Micali, S.: Optimal algorithms for Byzantine agreement. In: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, STOC ’88, pp. 148–161. ACM, New York (1988)

    Google Scholar 

  18. Garay, J., Givens, C., Ostrovsky, R.: Secure message transmission by public discussion: a brief survey. In: Chee, Y.M., Guo, Z., Ling, S., Shao, F., Tang, Y., Wang, H., Xing, C. (eds.) IWCC 2011. LNCS, vol. 6639, pp. 126–141. Springer, Heidelberg (2011)

    Google Scholar 

  19. Garay, J.A., Givens, C., Ostrovsky, R., Raykov, P.: Broadcast (and round) efficient verifiable secret sharing. In: Cryptology ePrint Archive. Report 2012/130, September 2013

    Google Scholar 

  20. Gennaro, R., Ishai, Y., Kushilevitz, E., Rabin, T.: On 2-round secure multiparty computation. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 178–193. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  21. Goldwasser, S., Lindell, Y.: Secure multi-party computation without agreement. J. Cryptol. 18(3), 247–287 (2005)

    Article  MATH  MathSciNet  Google Scholar 

  22. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Proceedings of the 19th Annual ACM Symposium on Theory of Computation, pp. 218–229, May 1987

    Google Scholar 

  23. Garay, J.A., Ostrovsky, R.: Almost-everywhere secure computation. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 307–323. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  24. Hirt, M., Raykov, P.: On the complexity of broadcast setup. In: Fomin, F.V., Freivalds, R., Kwiatkowska, M., Peleg, D. (eds.) ICALP 2013, Part I. LNCS, vol. 7965, pp. 552–563. Springer, Heidelberg (2013)

    Google Scholar 

  25. Katz, J., Koo, C.-Y.: On expected constant-round protocols for Byzantine agreement. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 445–462. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  26. Katz, J., Koo, C.-Y.: Round-efficient secure computation in point-to-point networks. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 311–328. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  27. Katz, J., Koo, C.-Y., Kumaresan, R.: Improving the round complexity of VSS in point-to-point networks. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 499–510. Springer, Heidelberg (2008)

    Google Scholar 

  28. Koo, C.-Y.: Studies on fault-tolerant broadcast and secure computation. Ph.D. thesis (2007)

    Google Scholar 

  29. Kumaresan, R., Patra, A., Pandu Rangan, C.: The round complexity of verifiable secret sharing: the statistical case. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 431–447. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  30. Lamport, L., Shostak, R., Pease, M.: The Byzantine generals problem. ACM Trans. Program. Lang. Syst. 4, 382–401 (1982)

    Article  MATH  Google Scholar 

  31. Patra, A., Choudhary, A., Rabin, T., Pandu Rangan, C.: The round complexity of verifiable secret sharing revisited. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 487–504. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  32. Pfitzmann, B., Waidner, M.: Information-theoretic pseudosignatures and byzantine agreement for \(t \ge n/3\). Technical report RZ 2882 (#90830), IBM Research (1996)

    Google Scholar 

  33. Rabin, T.: Robust sharing of secrets when the dealer is honest or cheating. J. ACM 41(6), 1089–1109 (1994)

    Article  MathSciNet  Google Scholar 

  34. Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority. In: Proceedings of the 21st ACM Symposium on the Theory of Computing, pp. 73–85 (1989)

    Google Scholar 

  35. Upfal, E.: Tolerating linear number of faults in networks of bounded degree. In: PODC, pp. 83–89 (1992)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. AT&T Labs – Research, Florham Park, NJ, USA

    Juan Garay

  2. Maine School of Science and Mathematics, Limestone, MN, USA

    Clint Givens

  3. Department of Computer Science and Department of Mathematics, UCLA, Los Angeles, CA, USA

    Rafail Ostrovsky

  4. ETH Zürich, Zürich, Switzerland

    Pavel Raykov

Authors
  1. Juan Garay
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Clint Givens
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rafail Ostrovsky
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Pavel Raykov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Pavel Raykov .

Editor information

Editors and Affiliations

  1. Nanyang Technological University, Singapore, Singapore

    Carles Padró

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Garay, J., Givens, C., Ostrovsky, R., Raykov, P. (2014). Broadcast (and Round) Efficient Verifiable Secret Sharing. In: Padró, C. (eds) Information Theoretic Security. ICITS 2013. Lecture Notes in Computer Science(), vol 8317. Springer, Cham. https://doi.org/10.1007/978-3-319-04268-8_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-04268-8_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-04267-1

  • Online ISBN: 978-3-319-04268-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation