[Resource Topic] 2024/876: Distributing Keys and Random Secrets with Constant Complexity

Resource Cryptographic protocols
#1

Welcome to the resource topic for 2024/876

Title:
Distributing Keys and Random Secrets with Constant Complexity

Authors: Benny Applebaum, Benny Pinkas

Abstract:

In the Distributed Secret Sharing Generation (DSG) problem n parties wish to obliviously sample a secret-sharing of a random value s taken from some finite field, without letting any of the parties learn s. Distributed Key Generation (DKG) is a closely related variant of the problem in which, in addition to their private shares, the parties also generate a public ``commitment’’ g^s to the secret. Both DSG and DKG are central primitives in the domain of secure multiparty computation and threshold cryptography.

In this paper, we study the communication complexity of DSG and DKG. Motivated by large-scale cryptocurrency and blockchain applications, we ask whether it is possible to obtain protocols in which the communication per party is a constant that does not grow with the number of parties. We answer this question to the affirmative in a model where broadcast communication is implemented via a public bulletin board (e.g., a ledger). Specifically, we present a constant-round DSG/DKG protocol in which the number of bits that each party sends/receives from the public bulletin board is a constant that depends only on the security parameter and the field size but does not grow with the number of parties n. In contrast, in all existing solutions at least some of the parties send \Omega(n) bits.

Our protocol works in the near-threshold setting. Given arbitrary privacy/correctness parameters 0<\tau_p<\tau_c<1, the protocol tolerates up to \tau_p n actively corrupted parties and delivers shares of a random secret according to some \tau_p n-private \tau_c n-correct secret sharing scheme, such that the adversary cannot bias the secret or learn anything about it. The protocol is based on non-interactive zero-knowledge proofs, non-interactive commitments and a novel secret-sharing scheme with special robustness properties that is based on Low-Density Parity-Check codes. As a secondary contribution, we extend the formal MPC-based treatment of DKG/DSG, and study new aspects of Affine Secret Sharing Schemes.

ePrint: https://eprint.iacr.org/2024/876

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .