The secret can be reconstructed from any setT of shares such thatT ∈ ℱ n .
No subsetT ∉ ℱ n of shares reveals any partial information about the secret.
Various secret-sharing schemes have been proposed, and applications in diverse contexts were found. In all these cases the set of secrets and the set of shares are finite.
In this paper we study the possibility of secret-sharing schemes overinfinite domains. The major case of interest is when the secrets and the shares are taken from acountable set, for example all binary strings. We show that no ℱ n secret-sharing scheme over any countable domain exists (for anyn ≥ 2).
One consequence of this impossibility result is that noperfect private-key encryption schemes, over the set of all strings, exist. Stated informally, this means that there is no way to encrypt all strings perfectly without revealing information about their length. These impossibility results are stated and proved not only for perfect secret-sharing and private-key encryption schemes, but also for wider classes—weak secret-sharing and private-key encryption schemes.
We constrast these results with the case where both the secrets and the shares are real numbers. Simple perfect secret-sharing schemes (and perfect private-key encryption schemes) are presented. Thus, infinity alone does not rule out the possibility of secret sharing.
Key wordsSecret sharing Perfect private-key encryption
Unable to display preview. Download preview PDF.
- Ben-David, S., Private communication.Google Scholar
- Ben-or, M., S. Goldwasser, and A. Wigderson, Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation,Proc. 20th Symp. on Theory of Computing, pp. 1–10, 1988.Google Scholar
- Benaloh (Cohen), J. D., Secret Sharing Homomorphisms: Keeping Shares of a Secret Secret,Advances in Cryptography—Crypto 86 (Proceedings), A. M. Odlyzko (ed.), pp. 251–260, Lecture Notes in Computer Science, Vol. 263, Springer-Verlag, Berlin, 1987.Google Scholar
- Benaloh, J., and J. Leichter, Generalized Secret Sharing and Monotone Functions,Advances in Cryptography—Crypto 86 (Proceedings), A. M. Odlyzko (ed.), pp. 213–222, Lecture Notes in Computer Science, Vol. 263, Springer-Verlag, Berlin, 1987.Google Scholar
- Blakley, G. R., Safeguarding Cryptographic Keys,Proc. NCC AFIPS 1979, pp. 313–317, 1979.Google Scholar
- Blakley, G. R., and L. Swanson, Security Proofs for Information Protection Systems,Proc. IEEE Symp. on Security and Privacy, 1981, pp. 75–88.Google Scholar
- Blakley, G. R., and L. Swanson, Infinite Structures in Information Theory,Proc. Crypto 82, pp. 39–50.Google Scholar
- Goldreich, O., S. Micali, and A. Wigderson, How To Play Any Mental Game,Proc 19th Symp. on Theory of Computing, pp. 218–229, 1987.Google Scholar
- Ito, M., A. Saito, and T. Nishizeki. Secret Sharing Schemes Realizing General Access Structure,Proc. IEEE Global Telecommunication Conf., Globecom 87, pp. 99–102, 1987.Google Scholar
- Kothari, S. C., Generalized Linear Threshold Scheme,Advances in Cryptography—Crypto 84 (Proceedings), G. R. Blakey and D. Chaum (ed.), pp. 231–241, Lecture Notes in Computer Science, Vol. 196, Springer-Verlag, Berlin, 1985.Google Scholar
- Rabin, M. O., Randomized Byzantine Generals,Proc. 24th Symp. on Foundations of Computer Science, pp. 403–409, 1983.Google Scholar
- Shannon, C. E., Communication Theory of Secrecy Systems,Bell System Tech. J., Vol. 28, 1949, pp. 657–715.Google Scholar