
Broadcast (and Round) Efficient Verifiable Secret Sharing

Part of the Lecture Notes in Computer Science book series (LNSC,volume 8317)

Abstract

Verifiable secret sharing (VSS) is a fundamental cryptographic primitive, lying at the core of secure multi-party computation (MPC) and, as the distributed analogue of a commitment functionality, used in numerous applications. In this paper we focus on unconditionally secure VSS protocols with honest majority.

In this setting it is typically assumed that parties are connected pairwise by authenticated, private channels, and that in addition they have access to a “broadcast” channel. Because broadcast cannot be simulated on a point-to-point network when a third or more of the parties are corrupt, it is impossible to construct VSS (and more generally, MPC) protocols in this setting without using a broadcast channel (or some equivalent addition to the model).

A great deal of research has focused on increasing the efficiency of VSS, primarily in terms of round complexity. In this work we consider a refinement of the round complexity of VSS, by adding a measure we term broadcast complexity. We view the broadcast channel as an expensive resource and seek to minimize the number of rounds in which it is invoked as well.

We construct a (linear) VSS protocol which uses the broadcast channel only twice in the sharing phase, while running in an overall constant number of rounds.
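As an added illustration (this is not the paper's protocol, nor code from the authors), the Python below shows the plain Shamir sharing that a linear VSS builds on: honest-majority parameters n > 2t, Lagrange reconstruction from any t+1 shares, share-wise linearity, an exhaustive check that any t shares are distributed identically for two different secrets (perfect privacy of the non-verifiable primitive; the VSS of this paper settles for statistical privacy, see note 2), and the failure mode that VSS exists to fix: a single corrupted share silently changes the reconstructed value, and plain Shamir gives honest parties no way to tell. The field prime, party count and sample secrets are assumptions chosen for the example.

```python
"""Shamir sharing over GF(p): the linear primitive underneath linear VSS.
Added example; not the paper's protocol. Parameters below are assumptions."""
import secrets
from collections import Counter


def _eval(coeffs, x, p):
    """Horner evaluation of sum(coeffs[k] * x**k) mod p."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc


def share(secret, n, t, p, rng=secrets.randbelow):
    """Deal n shares of `secret`: f(0)=secret, deg f <= t, share i = f(i).
    Honest majority means 2t < n; n < p so the evaluation points are distinct."""
    if not (0 <= secret < p and 0 < t and 2 * t < n < p):
        raise ValueError("need 0<=secret<p, t>=1, 2t<n (honest majority), n<p")
    coeffs = [secret] + [rng(p) for _ in range(t)]
    return {i: _eval(coeffs, i, p) for i in range(1, n + 1)}


def reconstruct(shares, p):
    """Lagrange interpolation at x=0 from {i: f(i)}; needs >= t+1 correct points.
    No integrity check: a wrong share yields a wrong secret with no error."""
    total = 0
    for i, yi in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * (-j) % p
                den = den * (i - j) % p
        total = (total + yi * num * pow(den, p - 2, p)) % p
    return total


def add_shares(a, b, p):
    """Linearity: party-wise sum of two sharings is a sharing of the sum."""
    return {i: (a[i] + b[i]) % p for i in a}


def t_shares_independent_of_secret(t, p, s0, s1):
    """Enumerate every degree-<=t polynomial for secrets s0 and s1 (small p) and
    compare the distributions of shares 1..t: equal multisets means any t
    colluding parties learn nothing about the secret."""
    def dist(s):
        c = Counter()
        for r in range(p ** t):
            coeffs = [s] + [(r // p ** k) % p for k in range(t)]
            c[tuple(_eval(coeffs, x, p) for x in range(1, t + 1))] += 1
        return c
    return dist(s0) == dist(s1)


def demo():
    p = 2 ** 127 - 1          # assumed field: a Mersenne prime
    n, t = 7, 3               # n = 2t + 1: honest majority
    s, s2 = 424242, 1000      # assumed sample secrets
    sh = share(s, n, t, p)
    # any t+1 shares (here parties 1,3,5,7) reconstruct the secret
    ok_threshold = reconstruct({i: sh[i] for i in (1, 3, 5, 7)}, p) == s
    # linearity: sum the sharings, reconstruct from the first t+1 parties
    summed = add_shares(sh, share(s2, n, t, p), p)
    ok_linear = reconstruct({i: summed[i] for i in range(1, t + 2)}, p) == s + s2
    # privacy of t shares, checked exhaustively over a small field
    ok_private = t_shares_independent_of_secret(2, 97, 5, 60)
    # the gap VSS closes: one corrupt share changes the result by a nonzero
    # Lagrange coefficient, and nobody notices
    bad = {i: sh[i] for i in (1, 3, 5, 7)}
    bad[3] = (bad[3] + 1) % p
    silently_wrong = reconstruct(bad, p) != s
    return ok_threshold, ok_linear, ok_private, silently_wrong


if __name__ == "__main__":
    print(demo())
```

What VSS adds on top of this, and what the paper optimises, is the sharing-phase interaction that lets honest parties verify the dealer's shares are consistent and later reject corrupted shares at reconstruction; in the honest-majority setting that verification is exactly where the broadcast channel gets used.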

Keywords

  • Broadcast Channel
  • Reconstruction Phase
  • Broadcast Protocol
  • Honest Party
  • Byzantine Agreement

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

The unabridged version of this paper appears in [GGOR13].

Clint Givens is supported in part by NSF grants 0830803, 09165174, 1065276, 1118126 and 1136174, US-Israel BSF grant 2008411, OKAWA Foundation Research Award, IBM Faculty Research Award, Xerox Faculty Research Award, B. John Garrick Foundation Award, Teradata Research Award, and Lockheed-Martin Corporation Research Award. This material is based upon work supported by the Defense Advanced Research Projects Agency through the U.S. Office of Naval Research under Contract N00014-11-1-0392. The views expressed are those of the author and do not reflect the official policy or position of the Department of Defense or the U.S. Government.


Notes

  1. Trouble comes, however, when analyzing round complexity: as observed in [KK07, Koo07, KKK08], Byzantine agreement is round-expensive, and the compilation from black-box broadcast to simulated broadcast blows up the number of rounds substantially.

  2. As this discussion suggests, it may happen that \(D\) broadcasts an honest party’s shares in step 9; this can only happen if \(\mathcal {A}\) succeeds in an IC forgery attempt (hence with negligible probability). As a consequence, our protocol achieves statistical but not perfect privacy. On the other hand, privacy is perfect conditioned on the event that \(\mathcal {A}\) is unsuccessful in all forgery attempts, as a failed forgery by itself reveals nothing about \(s\).

  3. We note that in the description of the compilation from [KK06] gradecast with grades in \(\{0,1,2\}\) is used. Here we use gradecast with grades in \(\{0,1\}\) because during the compilation it is only required to distinguish the maximal grade from all other grades (so we put maximal grade to 1 instead of 2).

References

  1. Ben-Sasson, E., Fehr, S., Ostrovsky, R.: Near-linear unconditionally-secure multiparty computation with a dishonest minority. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 663–680. Springer, Heidelberg (2012)

  2. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, STOC, pp. 1–10 (1988)

  3. Baum-Waidner, B., Pfitzmann, B., Waidner, M.: Unconditional Byzantine agreement with good majority. In: Jantzen, M., Choffrut, C. (eds.) STACS 1991. LNCS, vol. 480, pp. 285–295. Springer, Heidelberg (1991)

  4. Beerliová-Trubíniová, Z., Hirt, M., Riser, M.: Efficient Byzantine agreement with faulty minority. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 393–409. Springer, Heidelberg (2007)

  5. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, STOC. ACM (1988)

  6. Cramer, R., Damgård, I., Dziembowski, S., Hirt, M., Rabin, T.: Efficient multiparty computations secure against an adaptive adversary. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 311–326. Springer, Heidelberg (1999)

  7. Chor, B., Goldwasser, S., Micali, S., Awerbuch, B.: Verifiable secret sharing and achieving simultaneity in the presence of faults. In: Proceedings of the 26th IEEE Symposium on Foundations of Computer Science, FOCS, pp. 383–395 (1985)

  8. Dolev, D., Dwork, C., Waarts, O., Yung, M.: Perfectly secure message transmission. J. ACM 40(1), 17–47 (1993)

  9. Dolev, D.: The Byzantine generals strike again. J. Algorithms 3, 14–30 (1982)

  10. Dwork, C., Peleg, D., Pippenger, N., Upfal, E.: Fault tolerance in networks of bounded degree (preliminary version). In: Proceedings of the 18th Annual ACM Symposium on Theory of Computing, STOC, Berkeley, California, USA, pp. 370–379 (1986)

  11. Dolev, D., Strong, H.: Authenticated algorithms for Byzantine agreement. SIAM J. Comput. 12(4), 656–666 (1983)

  12. Fitzi, M., Garay, J., Gollakota, S., Pandu Rangan, C., Srinathan, K.: Round-optimal and efficient verifiable secret sharing. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 329–342. Springer, Heidelberg (2006)

  13. Fitzi, M., Gottesman, D., Hirt, M., Holenstein, T., Smith, A.: Detectable Byzantine agreement secure against faulty majorities. In: Proceedings of the 21st Annual ACM Symposium on Principles of Distributed Computing, PODC ’02, pp. 118–126. ACM, New York (2002)

  14. Fitzi, M., Gisin, N., Maurer, U., von Rotz, O.: Unconditional Byzantine agreement and multi-party computation secure against dishonest minorities from scratch. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 482–501. Springer, Heidelberg (2002)

  15. Fitzi, M., Hirt, M.: Optimally efficient multi-valued Byzantine agreement. In: Proceedings of the 25th Annual ACM Symposium on Principles of Distributed Computing, PODC ’06, pp. 163–168. ACM, New York (2006)

  16. Fitzi, M.: Generalized communication and security models in Byzantine agreement. Ph.D. thesis, ETH Zurich, March 2003. Reprinted as vol. 4 of ETH Series in Information Security and Cryptography. Hartung-Gorre Verlag, Konstanz (2003). ISBN 3-89649-853-3

  17. Feldman, P., Micali, S.: Optimal algorithms for Byzantine agreement. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, STOC ’88, pp. 148–161. ACM, New York (1988)

  18. Garay, J., Givens, C., Ostrovsky, R.: Secure message transmission by public discussion: a brief survey. In: Chee, Y.M., Guo, Z., Ling, S., Shao, F., Tang, Y., Wang, H., Xing, C. (eds.) IWCC 2011. LNCS, vol. 6639, pp. 126–141. Springer, Heidelberg (2011)

  19. Garay, J.A., Givens, C., Ostrovsky, R., Raykov, P.: Broadcast (and round) efficient verifiable secret sharing. Cryptology ePrint Archive, Report 2012/130 (September 2013)

  20. Gennaro, R., Ishai, Y., Kushilevitz, E., Rabin, T.: On 2-round secure multiparty computation. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 178–193. Springer, Heidelberg (2002)

  21. Goldwasser, S., Lindell, Y.: Secure multi-party computation without agreement. J. Cryptol. 18(3), 247–287 (2005)

  22. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Proceedings of the 19th Annual ACM Symposium on Theory of Computing, STOC, pp. 218–229 (1987)

  23. Garay, J.A., Ostrovsky, R.: Almost-everywhere secure computation. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 307–323. Springer, Heidelberg (2008)

  24. Hirt, M., Raykov, P.: On the complexity of broadcast setup. In: Fomin, F.V., Freivalds, R., Kwiatkowska, M., Peleg, D. (eds.) ICALP 2013, Part I. LNCS, vol. 7965, pp. 552–563. Springer, Heidelberg (2013)

  25. Katz, J., Koo, C.-Y.: On expected constant-round protocols for Byzantine agreement. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 445–462. Springer, Heidelberg (2006)

  26. Katz, J., Koo, C.-Y.: Round-efficient secure computation in point-to-point networks. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 311–328. Springer, Heidelberg (2007)

  27. Katz, J., Koo, C.-Y., Kumaresan, R.: Improving the round complexity of VSS in point-to-point networks. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 499–510. Springer, Heidelberg (2008)

  28. Koo, C.-Y.: Studies on fault-tolerant broadcast and secure computation. Ph.D. thesis (2007)

  29. Kumaresan, R., Patra, A., Pandu Rangan, C.: The round complexity of verifiable secret sharing: the statistical case. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 431–447. Springer, Heidelberg (2010)

  30. Lamport, L., Shostak, R., Pease, M.: The Byzantine generals problem. ACM Trans. Program. Lang. Syst. 4(3), 382–401 (1982)

  31. Patra, A., Choudhary, A., Rabin, T., Pandu Rangan, C.: The round complexity of verifiable secret sharing revisited. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 487–504. Springer, Heidelberg (2009)

  32. Pfitzmann, B., Waidner, M.: Information-theoretic pseudosignatures and Byzantine agreement for \(t \ge n/3\). Technical report RZ 2882 (#90830), IBM Research (1996)

  33. Rabin, T.: Robust sharing of secrets when the dealer is honest or cheating. J. ACM 41(6), 1089–1109 (1994)

  34. Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority. In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing, STOC, pp. 73–85 (1989)

  35. Upfal, E.: Tolerating a linear number of faults in networks of bounded degree. In: Proceedings of the 11th Annual ACM Symposium on Principles of Distributed Computing, PODC, pp. 83–89 (1992)

Corresponding author

Correspondence to Pavel Raykov .


Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Garay, J., Givens, C., Ostrovsky, R., Raykov, P. (2014). Broadcast (and Round) Efficient Verifiable Secret Sharing. In: Padró, C. (eds) Information Theoretic Security. ICITS 2013. Lecture Notes in Computer Science(), vol 8317. Springer, Cham. https://doi.org/10.1007/978-3-319-04268-8_12

  • DOI: https://doi.org/10.1007/978-3-319-04268-8_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-04267-1

  • Online ISBN: 978-3-319-04268-8
