TY - GEN
T1 - Secret-Sharing Schemes for High Slices
AU - Beimel, Amos
AU - Farràs, Oriol
AU - Lasri, Or
AU - Nir, Oded
N1 - Publisher Copyright: © International Association for Cryptologic Research 2025.
PY - 2025/1/1
Y1 - 2025/1/1
N2 - In a secret-sharing scheme, a secret is shared among n parties such that the secret can be recovered by authorized coalitions, while it should be kept hidden from unauthorized coalitions. In this work we study secret-sharing for k-slice access structures, in which coalitions of size k are either authorized or not, larger coalitions are authorized and smaller are unauthorized. Known schemes for these access structures had smaller shares for small k’s than for large ones; hence our focus is on “high” (n-k)-slices where k is small. Our work is inspired by several motivations: 1) Obtaining efficient schemes (with perfect or computational security) for natural families of access structures; 2) Making progress in the search for better schemes for general access structures, which are often based on schemes for slice access structures; 3) Proving or disproving the conjecture by Csirmaz (J. Math. Cryptol., 2020) that an access structures and its dual can be realized by secret-sharing schemes with the same share size. The main results of this work are:Perfect schemes for high slices. We present a scheme for (n-k)-slices with information-theoretic security and share size kn·2O~(klogn). Using a different scheme with slightly larger shares, we prove that the ratio between the optimal share size of k-slices and that of their dual (n-k)-slices is bounded by n.Computational schemes for high slices. We present a scheme for (n-k)-slices with computational security and share size O(k2λlogn) based on the existence of one-way functions. Our scheme makes use of a non-standard view point on Shamir secret-sharing schemes that allows to share many secrets with different thresholds with low cost.Multislice access structures. (a : b)-multislices are access structures that behave similarly to slices, but are unconstrained on coalitions in a wider range of cardinalities between a and b. We use our new schemes for high slices to realize multislices with the same share sizes that their duals have today. This solves an open question raised by Applebaum and Nir (Crypto, 2021), and allows to realize hypergraph access structures that are chosen uniformly at random under a natural set of distributions with share size 20.491n+o(n) compared to the previous result of 20.5n+o(n). Perfect schemes for high slices. We present a scheme for (n-k)-slices with information-theoretic security and share size kn·2O~(klogn). Using a different scheme with slightly larger shares, we prove that the ratio between the optimal share size of k-slices and that of their dual (n-k)-slices is bounded by n. Computational schemes for high slices. We present a scheme for (n-k)-slices with computational security and share size O(k2λlogn) based on the existence of one-way functions. Our scheme makes use of a non-standard view point on Shamir secret-sharing schemes that allows to share many secrets with different thresholds with low cost. Multislice access structures. (a : b)-multislices are access structures that behave similarly to slices, but are unconstrained on coalitions in a wider range of cardinalities between a and b. We use our new schemes for high slices to realize multislices with the same share sizes that their duals have today. This solves an open question raised by Applebaum and Nir (Crypto, 2021), and allows to realize hypergraph access structures that are chosen uniformly at random under a natural set of distributions with share size 20.491n+o(n) compared to the previous result of 20.5n+o(n).
AB - In a secret-sharing scheme, a secret is shared among n parties such that the secret can be recovered by authorized coalitions, while it should be kept hidden from unauthorized coalitions. In this work we study secret-sharing for k-slice access structures, in which coalitions of size k are either authorized or not, larger coalitions are authorized and smaller are unauthorized. Known schemes for these access structures had smaller shares for small k’s than for large ones; hence our focus is on “high” (n-k)-slices where k is small. Our work is inspired by several motivations: 1) Obtaining efficient schemes (with perfect or computational security) for natural families of access structures; 2) Making progress in the search for better schemes for general access structures, which are often based on schemes for slice access structures; 3) Proving or disproving the conjecture by Csirmaz (J. Math. Cryptol., 2020) that an access structures and its dual can be realized by secret-sharing schemes with the same share size. The main results of this work are:Perfect schemes for high slices. We present a scheme for (n-k)-slices with information-theoretic security and share size kn·2O~(klogn). Using a different scheme with slightly larger shares, we prove that the ratio between the optimal share size of k-slices and that of their dual (n-k)-slices is bounded by n.Computational schemes for high slices. We present a scheme for (n-k)-slices with computational security and share size O(k2λlogn) based on the existence of one-way functions. Our scheme makes use of a non-standard view point on Shamir secret-sharing schemes that allows to share many secrets with different thresholds with low cost.Multislice access structures. (a : b)-multislices are access structures that behave similarly to slices, but are unconstrained on coalitions in a wider range of cardinalities between a and b. We use our new schemes for high slices to realize multislices with the same share sizes that their duals have today. This solves an open question raised by Applebaum and Nir (Crypto, 2021), and allows to realize hypergraph access structures that are chosen uniformly at random under a natural set of distributions with share size 20.491n+o(n) compared to the previous result of 20.5n+o(n). Perfect schemes for high slices. We present a scheme for (n-k)-slices with information-theoretic security and share size kn·2O~(klogn). Using a different scheme with slightly larger shares, we prove that the ratio between the optimal share size of k-slices and that of their dual (n-k)-slices is bounded by n. Computational schemes for high slices. We present a scheme for (n-k)-slices with computational security and share size O(k2λlogn) based on the existence of one-way functions. Our scheme makes use of a non-standard view point on Shamir secret-sharing schemes that allows to share many secrets with different thresholds with low cost. Multislice access structures. (a : b)-multislices are access structures that behave similarly to slices, but are unconstrained on coalitions in a wider range of cardinalities between a and b. We use our new schemes for high slices to realize multislices with the same share sizes that their duals have today. This solves an open question raised by Applebaum and Nir (Crypto, 2021), and allows to realize hypergraph access structures that are chosen uniformly at random under a natural set of distributions with share size 20.491n+o(n) compared to the previous result of 20.5n+o(n).
UR - http://www.scopus.com/inward/record.url?scp=85211933084&partnerID=8YFLogxK
U2 - https://doi.org/10.1007/978-3-031-78023-3_19
DO - https://doi.org/10.1007/978-3-031-78023-3_19
M3 - Conference contribution
SN - 9783031780226
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 581
EP - 613
BT - Theory of Cryptography - 22nd International Conference, TCC 2024, Proceedings
A2 - Boyle, Elette
A2 - Mahmoody, Mohammad
PB - Springer Science and Business Media Deutschland GmbH
T2 - 22nd Theory of Cryptography Conference, TCC 2024
Y2 - 2 December 2024 through 6 December 2024
ER -