Algebraic Geometric Secret Sharing Schemes and Secure Multi-Party Computations over Small Fields

  • Hao Chen
  • Ronald Cramer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4117)


We introduce algebraic geometric techniques in secret sharing and in secure multi-party computation (MPC) in particular. The main result is a linear secret sharing scheme (LSSS) defined over a finite field \({\mathbb F}_q\), with the following properties.

1. It is ideal. The number of players n can be as large as \(\#C({\mathbb F}_q)\), where C is an algebraic curve C of genus g defined over \({\mathbb F}_q\).

2. It is quasi-threshold: it is t-rejecting and t+1+2g-accepting, but not necessarily t+1-accepting. It is thus in particular a ramp scheme. High information rate can be achieved.

3. It has strong multiplication with respect to the t-threshold adversary structure, if \(t<\frac{1}{3}n-\frac{4}{3}g\). This is a multi-linear algebraic property on an LSSS facilitating zero-error multi-party multiplication, unconditionally secure against corruption by an active t-adversary.

4. The finite field \({\mathbb F}_q\) can be dramatically smaller than n. This is by using algebraic curves with many \({\mathbb F}_q\)-rational points. For example, for each small enough ε, there is a finite field \({\mathbb F}_q\) such that for infinitely many n there is an LSSS over \({\mathbb F}_q\) with strong multiplication satisfying \((\frac{1}{3}- \epsilon) n\leq t < \frac{1}{3}n\).

5. Shamir’s scheme, which requires n>q and which has strong multiplication for \(t<\frac{1}{3}n\), is a special case by taking g=0.

Now consider the classical (“BGW”) scenario of MPC unconditionally secure (with zero error probability) against an active t-adversary with \(t<\frac{1}{3}n\), in a synchronous n-player network with secure channels. By known results it now follows that there exist MPC protocols in this scenario, achieving the same communication complexities in terms of the number of field elements exchanged in the network compared with known Shamir-based solutions. However, in return for decreasing corruption tolerance by a small ε-fraction, q may be dramatically smaller than n. This tolerance decrease is unavoidable due to properties of MDS codes. The techniques extend to other models of MPC. Results on less specialized LSSS can be obtained from more general coding theory arguments.


Secret Sharing Access Structure Algebraic Curf Secret Sharing Scheme Strong Multiplication 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of STOC 1988, pp. 1–10. ACM Press, New York (1988)Google Scholar
  2. 2.
    Bierbrauer, J.: Universal Hashing and Geometric Codes. Designs, Codes and Cryptography 11, 207–221 (1997)MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Blakley, G.R.: Safeguarding cryptographic keys. In: Proceedings of National Computer Conference 1979. AFIPS Proceedings, vol. 48, pp. 313–317 (1979)Google Scholar
  4. 4.
    Chaum, D., Crépeau, C., Damgaard, I.: Multi-party unconditionally secure protocols. In: Proceedings STOC 1988, pp. 11–19. ACM Press, New York (1988)Google Scholar
  5. 5.
    Chen, H.: Linear secret sharing from algebraic-geometric codes. Merged with [8]Google Scholar
  6. 6.
    Chen, H., Cramer, R., Ding, C., Xing, C.: Secret sharing and secure multi-party compuation from projective algebraic subsets. Work in progressGoogle Scholar
  7. 7.
    Chen, H., Cramer, R., Goldwasser, S., Vaikuntanathan, V., de Haan, R.: Threshold MPC in the Rabin-Ben Or broadcast model unconditionally secure against corrupt minorities based on general error correcting codes. Work in progressGoogle Scholar
  8. 8.
    Cramer, R.: Algebraic geometric secret sharing and secure computation over small fields. Merged with [5]Google Scholar
  9. 9.
    Cramer, R., Fehr, S., Stam, M.: Black-box secret sharing from primitive sets in algebraic number fields. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 344–360. Springer, Heidelberg (2005)Google Scholar
  10. 10.
    Cramer, R., Daza, V., Gracia, I., Urroz, J.J., Leander, G., Martí-Farré, J., Padró, C.: On codes, matroids and secure multi-party computation from linear secret sharing schemes. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 327–343. Springer, Heidelberg (2005)Google Scholar
  11. 11.
    Cramer, R., de Haan, R.: Atomic Secure Multi-Party Multiplication with Low Communication (manuscript, 2004)Google Scholar
  12. 12.
    Cramer, R., Fehr, S., Ishai, Y., Kushilevitz, E.: Efficient multi-party computation over rings. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 596–613. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  13. 13.
    Cramer, R., Fehr, S.: Optimal Black-Box Secret Sharing over Arbitrary Abelian Groups. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 272–287. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  14. 14.
    Cramer, R., Damgaard, I., Dziembowski, S.: On the complexity of verifiable secret sharing and multi-party computation. In: Proceedings of STOC 2000, pp. 325–334. ACM Press, New York (2000)Google Scholar
  15. 15.
    Cramer, R., Damgård, I.B., Maurer, U.M.: General secure multi-party computation from any linear secret-sharing scheme. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 316–334. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  16. 16.
    Cramer, R., Damgård, I.B., Dziembowski, S., Hirt, M., Rabin, T.: Efficient multiparty computations secure against an adaptive adversary. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, p. 311. Springer, Heidelberg (1999)Google Scholar
  17. 17.
    Desmedt, Y., Frankel, Y.: Homomorphic zero-knowledge threshold schemes over any finite abelian group. SIAM Journal of Discrete Mathematics 7, 667–679 (1994)MATHCrossRefMathSciNetGoogle Scholar
  18. 18.
    McEliece, R.J., Sarvate, D.V.: On sharing secrets and Reed-Solomon codes. Comm. of the ACM 22(11), 612–613 (1979)CrossRefGoogle Scholar
  19. 19.
    Franklin, M., Yung, M.: Communication complexity of secure computation. In: Proceedings of STOC 1992. ACM Press, New York (1992)Google Scholar
  20. 20.
    Fulton, W.: Algebraic Curves. Advanced Book Classics. Addission-WesleyGoogle Scholar
  21. 21.
    García, A., Stichtenoth, H.: On the asymptotic behavior of some towers of function fields over finite fields. J. Number Theory 61, 248–273 (1996)MATHCrossRefMathSciNetGoogle Scholar
  22. 22.
    van der Geer, G., van der Vlugt, M.: Tables of curves with many points. Mathematics of Computation 69, 797–810 (2000), See also, MATHCrossRefMathSciNetGoogle Scholar
  23. 23.
    Goppa, V.D.: Codes on algebraic curves. Soviet Math. Dokl. 24, 170–172 (1981)MATHGoogle Scholar
  24. 24.
    Karchmer, M., Wigderson, A.: On span programs. In: Proceedings of the Eigth Annual Structure in Complexity Theory Conference, pp. 102–111. IEEE, Los Alamitos (1993)CrossRefGoogle Scholar
  25. 25.
    Kumar, R., Rajagopalan, S., Sahai, A.: Coding constructions for blacklisting problems without computational assumptions. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 609–623. Springer, Heidelberg (1999)Google Scholar
  26. 26.
    Lam, K.Y., Wang, H.X., Xing, C.: Constructions of authentication codes from algebraic curves over finite fields. IEEE Transactions in Information Theory 46, 886–892 (2000)MATHCrossRefMathSciNetGoogle Scholar
  27. 27.
    Lang, S.: Algebra. Addison-Wesley, Reading (1997)Google Scholar
  28. 28.
    van Lint, J.H.: Introduction to Coding Theory. GTM. Springer, HeidelbergGoogle Scholar
  29. 29.
    Massey, J.L.: Minimal codewords and secret sharing. In: Proceedings of the 6-th Joint Swedish-Russian Workshop on Information Theory, Molle, Sweden, August 1993, pp. 269–279 (1993)Google Scholar
  30. 30.
    Massey, J.L.: Some applications of coding theory in cryptography. In: Codes and Ciphers: Cryptography and Coding IV, pp. 33–47 (1995)Google Scholar
  31. 31.
    Niederreiter, H., Wang, H., Xing, C.: Function fields over finite fields and their application to cryptography. In: García, A., Stichtenoth, H. (eds.) Topics in geometry, coding theory and cryptography. Springer, Heidelberg (2006)Google Scholar
  32. 32.
    Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority. In: Proc. ACM STOC 1989, pp. 73–85 (1989)Google Scholar
  33. 33.
    Shamir, A.: How to share a secret. Comm. of the ACM 22(11), 612–613 (1979)MATHCrossRefMathSciNetGoogle Scholar
  34. 34.
    Silverman, J.: The Arithmetic of Elliptic Curves. GTM. Springer, HeidelbergGoogle Scholar
  35. 35.
    Shum, K.W., Aleshnikov, I., Kumar, V.P., Stichtenoth, H., Deolaikar, V.: A low-complexity algorithm for the construction of algebraic-geometric codes better than the Gilbert-Varshamov bound. IEEE Trans. IT 47(6), 2225–2241 (2001)MATHCrossRefMathSciNetGoogle Scholar
  36. 36.
    Stichtenoth, H.: Algebraic function fields and codes. Springer, Heidelberg (1993)MATHGoogle Scholar
  37. 37.
    Tsfasman, M., Vladuts, S.: Algebraic-geometric codes. Kluwer Academic Publishers, Dordrecht (1991)MATHGoogle Scholar
  38. 38.
    Vladuts, S.: A note on authentication codes from algebraic geometry. IEEE Transactions in Information Theory 44(3), 1342–1345 (1998)CrossRefGoogle Scholar
  39. 39.
    Xing, C.: Authentication codes and algebraic curves. In: Proceedings of the 3rd European Congress of Mathematics, Bikhauser, vol. 2, pp. 239–244 (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Hao Chen
    • 1
  • Ronald Cramer
    • 2
    • 3
  1. 1.Department of Computing and Information Technology, School of Information Science and EngineeringFudan UniversityShanghaiChina
  2. 2.CWIAmsterdamThe Netherlands
  3. 3.Mathematical InstituteLeiden UniversityThe Netherlands

Personalised recommendations