General Secure Multi-party Computation from any Linear Secret-Sharing Scheme

  • Ronald Cramer
  • Ivan Damgård
  • Ueli Maurer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1807)


We show that verifiable secret sharing (VSS) and secure multi-party computation (MPC) among a set of n players can efficiently be based on any linear secret sharing scheme (LSSS) for the players, provided that the access structure of the LSSS allows MPC or VSS at all. Because an LSSS neither guarantees reconstructability when some shares are false, nor verifiability of a shared value, nor allows for the multiplication of shared values, an LSSS is an apparently much weaker primitive than VSS or MPC.

Our approach to secure MPC is generic and applies to both the information-theoretic and the cryptographic setting. The construction is based on 1) a formalization of the special multiplicative property of an LSSS that is needed to perform a multiplication on shared values, 2) an efficient generic construction to obtain from any LSSS a multiplicative LSSS for the same access structure, and 3) an efficient generic construction to build verifiability into every LSSS (always assuming that the adversary structure allows for MPC or VSS at all).

The protocols are efficient. In contrast to all previous information-theoretically secure protocols, the field size is not restricted (e.g, to be greater than n). Moreover, we exhibit adversary structures for which our protocols are polynomial in n while all previous approaches to MPC for non-threshold adversaries provably have super-polynomial complexity.


Secret Sharing Access Structure Secret Sharing Scheme Commitment Scheme Arithmetic Circuit 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    D. Beaver, Foundations of secure interactive computing, Proc. CRYPTO’ 91, Springer Verlag LNCS, vol. 576, pp. 377–391.Google Scholar
  2. 2.
    D. Beaver and A. Wool, Quorum-based multi-party computations, Proc. EUROCRYPT’ 98, Springer Verlag LNCS, vol. 1403, pp. 375–390.Google Scholar
  3. 3.
    A. Beimel, Secure schemes for secret sharing and key distribution, Ph.D.-thesis, Technion, Haifa, June 1996.Google Scholar
  4. 4.
    J. Benaloh, J. Leichter, Generalized secret sharing and monotone functions, Proc. CRYPTO’ 88, Springer Verlag LNCS, vol. 403, pp. 25–35.Google Scholar
  5. 5.
    M. Ben-Or, S. Goldwasser, A. Wigderson, Completeness theorems for non-cryptographic fault-tolerant distributed computation, Proc. ACM STOC’ 88, pp. 1–10.Google Scholar
  6. 6.
    M. Bertilsson, I. Ingemarsson, A construction of practical secret sharing schemes using linear block codes, Proc. AUSCRYPT’ 92, Springer Verlag LNCS, vol. 718, pp. 67–79.Google Scholar
  7. 7.
    E. F. Brickell, Some ideal secret sharing schemes, J. Combin. Maths. & Combin. Comp. 9 (1989), pp. 105–113.MathSciNetGoogle Scholar
  8. 8.
    R. Canetti, Studies in secure multi-party computation and applications, Ph. D. thesis, Weizmann Institute of Science, Rehovot, 1995.Google Scholar
  9. 9.
    R. Canetti, U. Feige, O. Goldreich, M. Naor, Adaptively secure multi-party computation, Proc. ACM STOC’ 96, pp. 639–648.Google Scholar
  10. 10.
    D. Chaum, C. Crépeau, I. Damgård, Multi-party unconditionally secure protocols, Proc. ACM STOC’ 88, pp. 11–19.Google Scholar
  11. 11.
    B. Chor, S. Goldwasser, S. Micali, B. Awerbuch, Verifiable secret sharing and achieving simultaneity in the presence of faults, Proc. FOCS’ 85, pp. 383–395.Google Scholar
  12. 12.
    R. Cramer, I. Damgård, Zero Knowledge for Finite Field Arithmetic or: Can Zero Knowledge be for Free?, Proc. CRYPTO’98, Springer Verlag LNCS, vol. 1462, pp. 424–441.Google Scholar
  13. 13.
    R. Cramer, I. Damgård, S. Dziembowski, On the complexity of verifiable secret sharing and multi-party computation, Proceedings of the 32nd ACM Symposium on Theory of Computing (STOC’ 00), Portland, Oregon, May 2000.Google Scholar
  14. 14.
    R. Cramer, I. Damgård, S. Dziembowski, M. Hirt and T. Rabin, Efficient multiparty computations secure against an adaptive adversary, Proc. EUROCRYPT’ 99, Springer Verlag LNCS, vol. 1592, pp. 311–326.Google Scholar
  15. 15.
    C. Crépeau, J. van de Graaf and A. Tapp, Committed oblivious transfer and private multi-party computation, proc. CRYPTO’ 95, Springer Verlag LNCS, vol. 963, pp. 110–123.Google Scholar
  16. 16.
    M. van Dijk, Secret key sharing and secret key generation, Ph.D. Thesis, Eindhoven University of Technology, 1997.Google Scholar
  17. 17.
    S. Fehr, Efficient construction of dual MSP, manuscript 1999.Google Scholar
  18. 18.
    M. Fitzi, U. Maurer, Efficient Byzantine agreement secure against general adversaries, Proc. 12th Int. Symp. on Distributed Computing (DISC’ 98), Springer Verlag LNCS, vol. 1499, pp. 134–148.Google Scholar
  19. 19.
    A. Gál, A characterization of span program size and improved lower bounds for monotone span programs, Proceedings of the 30th ACM Symposium on the Theory of Computing, 1998, pp. 429–437.Google Scholar
  20. 20.
    A. Gál, Combinatorial methods in Boolean function complexity, Ph.D.-thesis, University of Chicago, 1995.Google Scholar
  21. 21.
    Z. Galil, S. Haber and M. Yung, Cryptographic computation: Secure fault-tolerant protocols and the public-key model, Proc. CRYPTO’87, Springer Verlag LNCS, vol. 293, pp. 135–155.Google Scholar
  22. 22.
    R. Gennaro, Theory and practice of veri_able secret sharing, Ph.D. thesis, MIT, 1996.Google Scholar
  23. 23.
    R. Gennaro, M. Rabin, T. Rabin, Simplified VSS and fast-track multi-party computations with applications to threshold cryptography, Proc. ACM PODC’98.Google Scholar
  24. 24.
    O. Goldreich, S. Micali and A. Wigderson, How to play any mental game or a completeness theorem for protocols with honest majority, Proc. ACM STOC’ 87, pp. 218–229.Google Scholar
  25. 25.
    M. Hirt, U. Maurer, Player simulation and general adversary structures in perfect multi-party computation, Journal of Cryptology, vol. 13, no. 1, pp. 31–60, 2000. (Preliminary version in Proc. ACM PODC’97, pp. 25–34.)zbMATHCrossRefMathSciNetGoogle Scholar
  26. 26.
    M. Ito, A. Saito and T. Nishizeki, Secret sharing schemes realizing general access structures, Proc. IEEE GlobeCom’ 87 Tokyo, pp. 99–102.Google Scholar
  27. 27.
    M. Karchmer, A. Wigderson, On span programs, Proc. of Structure in Complexity’ 93, pp. 102–111.Google Scholar
  28. 28.
    S. Micali and P. Rogaway, Secure computation, Manuscript, Preliminary version in Proc. CRYPTO’ 91, Springer Verlag LNCS, vol. 576, pp. 392–404Google Scholar
  29. 29.
    T. Rabin, M. Ben-Or, Verifiable secret sharing and multi-party protocols with honest majority, Proc. ACM STOC’ 89, pp. 73–85.Google Scholar
  30. 30.
    T. Rabin, Robust sharing of secrets when the dealer is honest or cheating, J. ACM, 41(6):1089–1109, November 1994.CrossRefMathSciNetGoogle Scholar
  31. 31.
    A. Shamir, How to share a secret, Communications of the ACM 22 (1979) 612–613.zbMATHCrossRefMathSciNetGoogle Scholar
  32. 32.
    Technical report, full version of this paper. Will be posted on the Web and is available from the authors. Obsolete are the earlier versions: Span programs and general secure multi-party computation, BRICS Report RS-97-28, Nov. 1997, and Enforcing the multiplication property on MSPs, with only constant overhead, Jan. 1999.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Ronald Cramer
    • 1
  • Ivan Damgård
    • 1
  • Ueli Maurer
    • 2
  1. 1.BRICSAarhus UniversityAarhus
  2. 2.ETH ZürichZürich

Personalised recommendations