TY - GEN
T1 - Brief announcement
T2 - 35th ACM Symposium on Principles of Distributed Computing, PODC 2016
AU - Dolev, Shlomi
AU - ElDefrawy, Karim
AU - Lampkins, Joshua
AU - Ostrovsky, Rafail
AU - Yung, Moti
N1 - Publisher Copyright: © 2016 ACM.
PY - 2016/7/25
Y1 - 2016/7/25
N2 - In a secret sharing scheme a dealer shares a secret s among n parties such that an adversary corrupting up to t parties does not learn s, while any t + 1 parties can efficiently recover s. Over a long period of time all parties may be corrupted thus violating the threshold, which is accounted for in Proactive Secret Sharing (PSS). PSS schemes periodically rerandomize (refresh) the shares of the secret and invalidate old ones. PSS retains confidentiality even when all parties are corrupted over the lifetime of the secret, but no more than t during a certain window of time, called the refresh period. Existing PSS schemes only guarantee secrecy in the presence of an honest majority with less than n/2 total corruptions during a refresh period; an adversary corrupting a single additional party, even if only passively, obtains the secret. This work is the first feasibility result demonstrating PSS tolerating a dishonest majority, it introduces the first PSS scheme secure against t < n passive adversaries without recovery of lost shares, it can also recover from honest faulty parties losing their shares, and when tolerating e faults the scheme tolerates t < n - e passive corruptions. A non-robust version of the scheme can tolerate t < n/2 - e active adversaries, and mixed adversaries that control a combination of passively and actively corrupted parties that are a majority, but where less than n/2 - e of such corruptions are active. We achieve these high thresholds with O(n^4) communication when sharing a single secret, and O(n^3) communication when sharing multiple secrets in batches.
AB - In a secret sharing scheme a dealer shares a secret s among n parties such that an adversary corrupting up to t parties does not learn s, while any t + 1 parties can efficiently recover s. Over a long period of time all parties may be corrupted thus violating the threshold, which is accounted for in Proactive Secret Sharing (PSS). PSS schemes periodically rerandomize (refresh) the shares of the secret and invalidate old ones. PSS retains confidentiality even when all parties are corrupted over the lifetime of the secret, but no more than t during a certain window of time, called the refresh period. Existing PSS schemes only guarantee secrecy in the presence of an honest majority with less than n/2 total corruptions during a refresh period; an adversary corrupting a single additional party, even if only passively, obtains the secret. This work is the first feasibility result demonstrating PSS tolerating a dishonest majority, it introduces the first PSS scheme secure against t < n passive adversaries without recovery of lost shares, it can also recover from honest faulty parties losing their shares, and when tolerating e faults the scheme tolerates t < n - e passive corruptions. A non-robust version of the scheme can tolerate t < n/2 - e active adversaries, and mixed adversaries that control a combination of passively and actively corrupted parties that are a majority, but where less than n/2 - e of such corruptions are active. We achieve these high thresholds with O(n^4) communication when sharing a single secret, and O(n^3) communication when sharing multiple secrets in batches.
KW - Dishonest majority
KW - Non-robust secret sharing
KW - Proactive secret sharing
KW - Proactive security
KW - Secret sharing
UR - http://www.scopus.com/inward/record.url?scp=84984679711&partnerID=8YFLogxK
U2 - https://doi.org/10.1145/2933057.2933059
DO - https://doi.org/10.1145/2933057.2933059
M3 - Conference contribution
T3 - Proceedings of the Annual ACM Symposium on Principles of Distributed Computing
SP - 401
EP - 403
BT - PODC 2016 - Proceedings of the 2016 ACM Symposium on Principles of Distributed Computing
Y2 - 25 July 2016 through 28 July 2016
ER -