[Resource Topic] 2024/1761: Resilience-Optimal Lightweight High-threshold Asynchronous Verifiable Secret Sharing

Resource Cryptographic protocols
#1

Welcome to the resource topic for 2024/1761

Title:
Resilience-Optimal Lightweight High-threshold Asynchronous Verifiable Secret Sharing

Authors: Hao Cheng, Jiliang Li, Yizhong Liu, Yuan Lu, Weizhi Meng, Zhenfeng Zhang

Abstract:

Shoup and Smart (SS24) recently introduced a lightweight asynchronous verifiable secret sharing (AVSS) protocol with optimal resilience directly from cryptographic hash functions (JoC 2024), offering plausible quantum resilience and computational efficiency. However, SS24 AVSS only achieves standard secrecy to keep the secret confidential against n/3 corrupted parties \textit{if no honest party publishes its share}. In contrast, from ``heavyweight’’ public-key cryptography, one can realize so-called \textit{high-threshold} asynchronous verifiable secret sharing (HAVSS), with a stronger \textit{high-threshold} secrecy to tolerate n/3 corrupted parties and additional leaked shares from n/3 honest parties. This raises the following question: can we bridge the remaining gap to design an efficient HAVSS using only lightweight cryptography?

We answer the question in the affirmative by presenting a lightweight HAVSS with optimal resilience. When executing across n parties to share a secret, it attains a worst-case communication complexity of \Tilde{\bigO}(\lambda n^3) (where \lambda is the cryptographic security parameter) and realizes high-threshold secrecy to tolerate a fully asynchronous adversary that can control t= \lfloor \frac{n-1}{3} \rfloor malicious parties and also learn t additional secret shares from some honest parties.
The (worst-case) communication complexity of our lightweight HAVSS protocol matches that of SS24 AVSS—the state-of-the-art lightweight AVSS without high-threshold secrecy.
Notably, our design is a direct and concretely efficient reduction to hash functions in the random oracle model, without extra setup assumptions like CRS/PKI or heavy intermediate steps like hash-based zk-STARK.

ePrint: https://eprint.iacr.org/2024/1761

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .