Secret Sharing with Binary Shares. Lin, F., Cheraghchi, M., Guruswami, V., Safavi-Naini, R., & Wang, H. In Proceedings of the 10th Innovations in Theoretical Computer Science Conference (ITCS), volume 124, of Leibniz International Proceedings in Informatics (LIPIcs), pages 53:1–53:20, 2019.
Secret Sharing with Binary Shares [link]Link  Secret Sharing with Binary Shares [link]Paper  doi  abstract   bibtex   
Shamir's celebrated secret sharing scheme provides an efficient method for encoding a secret of arbitrary length $\ell$ among any $N ≤ 2^\ell$ players such that for a threshold parameter $t$, (i) the knowledge of any $t$ shares does not reveal any information about the secret and, (ii) any choice of $t+1$ shares fully reveals the secret. It is known that any such threshold secret sharing scheme necessarily requires shares of length $\ell$, and in this sense Shamir's scheme is optimal. The more general notion of ramp schemes requires the reconstruction of secret from any $t+g$ shares, for a positive integer gap parameter $g$. Ramp secret sharing scheme necessarily requires shares of length $\ell/g$. Other than the bound related to secret length $\ell$, the share lengths of ramp schemes can not go below a quantity that depends only on the gap ratio $g/N$. In this work, we study secret sharing in the extremal case of bit-long shares and arbitrarily small gap ratio $g/N$, where standard ramp secret sharing becomes impossible. We show, however, that a slightly relaxed but equally effective notion of semantic security for the secret, and negligible reconstruction error probability, eliminate the impossibility. Moreover, we provide explicit constructions of such schemes. One of the consequences of our relaxation is that, unlike standard ramp schemes with perfect secrecy, adaptive and non-adaptive adversaries need different analysis and construction. For non-adaptive adversaries, we explicitly construct secret sharing schemes that provide secrecy against any $τ$ fraction of observed shares, and reconstruction from any $ρ$ fraction of shares, for any choices of $0 ≤ τ < ρ ≤ 1$. Our construction achieves secret length $N(ρ-τ-o(1))$, which we show to be optimal. For adaptive adversaries, we construct explicit schemes attaining a secret length $Ω(N(ρ-τ))$. We discuss our results and open questions.
@INPROCEEDINGS{ref:LCGSW19,
  author =	 {Fuchun Lin and Mahdi Cheraghchi and Venkatesan
                  Guruswami and Reihaneh Safavi-Naini and Huaxiong
                  Wang},
  title =	 {Secret Sharing with Binary Shares},
  year =	 2019,
  doi =		 {10.4230/LIPIcs.ITCS.2019.53},
  booktitle =	 {Proceedings of the 10th {Innovations in Theoretical
                  Computer Science Conference (ITCS)}},
  pages =	 {53:1--53:20},
  series =	 {Leibniz International Proceedings in Informatics
                  (LIPIcs)},
  volume =	 124,
  url_Link =
                  {https://drops.dagstuhl.de/opus/frontdoor.php?source_opus=10146},
  url_Paper =	 {https://arxiv.org/abs/1808.02974},
  abstract =	 {Shamir's celebrated secret sharing scheme provides
                  an efficient method for encoding a secret of
                  arbitrary length $\ell$ among any $N \leq 2^\ell$
                  players such that for a threshold parameter $t$, (i)
                  the knowledge of any $t$ shares does not reveal any
                  information about the secret and, (ii) any choice of
                  $t+1$ shares fully reveals the secret. It is known
                  that any such threshold secret sharing scheme
                  necessarily requires shares of length $\ell$, and in
                  this sense Shamir's scheme is optimal. The more
                  general notion of ramp schemes requires the
                  reconstruction of secret from any $t+g$ shares, for
                  a positive integer gap parameter $g$. Ramp secret
                  sharing scheme necessarily requires shares of length
                  $\ell/g$. Other than the bound related to secret
                  length $\ell$, the share lengths of ramp schemes can
                  not go below a quantity that depends only on the gap
                  ratio $g/N$.  In this work, we study secret sharing
                  in the extremal case of bit-long shares and
                  arbitrarily small gap ratio $g/N$, where standard
                  ramp secret sharing becomes impossible. We show,
                  however, that a slightly relaxed but equally
                  effective notion of semantic security for the
                  secret, and negligible reconstruction error
                  probability, eliminate the impossibility. Moreover,
                  we provide explicit constructions of such
                  schemes. One of the consequences of our relaxation
                  is that, unlike standard ramp schemes with perfect
                  secrecy, adaptive and non-adaptive adversaries need
                  different analysis and construction. For
                  non-adaptive adversaries, we explicitly construct
                  secret sharing schemes that provide secrecy against
                  any $\tau$ fraction of observed shares, and
                  reconstruction from any $\rho$ fraction of shares,
                  for any choices of $0 \leq \tau < \rho \leq 1$. Our
                  construction achieves secret length
                  $N(\rho-\tau-o(1))$, which we show to be
                  optimal. For adaptive adversaries, we construct
                  explicit schemes attaining a secret length
                  $\Omega(N(\rho-\tau))$. We discuss our results and
                  open questions.  },
  keywords =	 {Secret sharing scheme, Wiretap channel}
}

Downloads: 0