Chapter

Advances in Cryptology - CRYPTO 2009

Volume 5677 of the series Lecture Notes in Computer Science pp 487-504

The Round Complexity of Verifiable Secret Sharing Revisited

  • Arpita PatraAffiliated withDept of Computer Science and Engineering, IIT Madras
  • , Ashish ChoudharyAffiliated withDept of Computer Science and Engineering, IIT Madras
  • , Tal RabinAffiliated withIBM T.J. Watson Research Center
  • , C. Pandu RanganAffiliated withDept of Computer Science and Engineering, IIT Madras

Abstract

The round complexity of interactive protocols is one of their most important complexity measures. In this work we prove that existing lower bounds for the round complexity of VSS can be circumvented by introducing a negligible probability of error in the reconstruction phase. Previous results show matching lower and upper bounds of three rounds for VSS, with n = 3t + 1, where the reconstruction of the secrets always succeeds, i.e. with probability 1. In contrast we show that with a negligible probability of error in the reconstruction phase:

  1. 1

    There exists an efficient 2-round VSS protocol for n = 3t + 1. If we assume that the adversary is non-rushing then we can achieve a 1-round reconstruction phase.

     
  2. 1

    There exists an efficient 1-round VSS for t = 1 and n > 3.

     
  3. 1

    We prove that our results are optimal both in resilience and number of sharing rounds by showing:

    1. 1

      There does not exist a 2-round WSS (and hence VSS) for n ≤ 3t.

       
    2. 1

      There does not exist a 1-round VSS protocol for t ≥ 2 and n ≥ 4.