Resilience-Optimal Lightweight High-threshold Asynchronous Verifiable Secret Sharing

Paper 2024/1761


Hao Cheng, Institute of Software, Chinese Academy of Sciences, China
Jiliang Li, School of Cyber Science and Engineering, Xi’an Jiaotong University, China
Yizhong Liu, School of Cyber Science and Technology, Beihang University, China
Yuan Lu, Institute of Software, Chinese Academy of Sciences, China
Weizhi Meng, School of Computing and Communications, Lancaster University, United Kingdom
Zhenfeng Zhang, Institute of Software, Chinese Academy of Sciences, China
Abstract

Shoup and Smart (SS24) recently introduced a lightweight asynchronous verifiable secret sharing (AVSS) protocol with optimal resilience directly from cryptographic hash functions (JoC 2024), offering plausible quantum resilience and computational efficiency. However, SS24 AVSS only achieves standard secrecy to keep the secret confidential against $n/3$ corrupted parties if no honest party publishes its share. In contrast, from "heavyweight" public-key cryptography, one can realize so-called high-threshold asynchronous verifiable secret sharing (HAVSS), with a stronger high-threshold secrecy to tolerate $n/3$ corrupted parties and additional leaked shares from $n/3$ honest parties. This raises the following question: can we bridge the remaining gap to design an efficient HAVSS using only lightweight cryptography? We answer the question in the affirmative by presenting a lightweight HAVSS with optimal resilience. When executing across $n$ parties to share a secret, it attains a worst-case communication complexity of $\tilde{O}(\lambda n^3)$ (where $\lambda$ is the cryptographic security parameter) and realizes high-threshold secrecy to tolerate a fully asynchronous adversary that can control $t = \lfloor \frac{n-1}{3} \rfloor$ malicious parties and also learn $t$ additional secret shares from some honest parties. The (worst-case) communication complexity of our lightweight HAVSS protocol matches that of SS24 AVSS, the state-of-the-art lightweight AVSS without high-threshold secrecy. Notably, our design is a direct and concretely efficient reduction to hash functions in the random oracle model, without extra setup assumptions like CRS/PKI or heavy intermediate steps like hash-based zk-STARK.
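The abstract contrasts standard secrecy (the secret is safe against $t$ corrupted parties only while no honest share leaks) with high-threshold secrecy (the secret stays hidden even when the adversary holds $t$ corrupted parties' shares plus $t$ further shares leaked by honest parties). The following added example, which is not code from the paper or its authors, makes that difference concrete with plain Shamir sharing over a prime field: a reconstruction threshold of $t+1$ models standard secrecy, a threshold of $2t+1$ models high-threshold secrecy, and the adversary's view is the $2t$ shares described in the abstract. The field modulus, party count, secret value and candidate list are constructed for the demonstration; there is no verifiability, asynchrony or hash-based commitment here, only the secrecy arithmetic.

```python
# Added example (not from the paper): Shamir secret sharing over a prime field,
# used to show why a 2t+1 reconstruction threshold gives high-threshold
# secrecy against an adversary holding 2t shares while a t+1 threshold does not.
import secrets

P = 2**127 - 1  # Mersenne prime used as the share field (constructed choice)


def _eval_poly(coeffs, x):
    # Horner evaluation of coeffs[0] + coeffs[1]*x + ... + coeffs[d]*x^d mod P
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def share(secret, n, k):
    """Split `secret` into n shares (x = 1..n); any k shares reconstruct it.
    k = t+1 models standard secrecy, k = 2t+1 models high-threshold secrecy."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(i, _eval_poly(coeffs, i)) for i in range(1, n + 1)]


def lagrange_at(points, x):
    """Evaluate the unique polynomial of degree < len(points) through `points` at x."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def reconstruct(shares):
    """Recover the secret as the sharing polynomial's value at x = 0."""
    return lagrange_at(shares, 0)


def consistent_secrets(leaked, k, candidates):
    """Return the candidates that the leaked shares cannot rule out under a
    degree-(k-1) sharing polynomial. A candidate s is consistent if the
    polynomial through (0, s) and the first k-1 leaked shares also passes
    through every remaining leaked share. With fewer than k leaked shares
    there are no remaining points to check, so every candidate survives."""
    out = []
    for s in candidates:
        basis = [(0, s % P)] + leaked[: k - 1]
        if all(lagrange_at(basis, x) == y for x, y in leaked[k - 1:]):
            out.append(s)
    return out


def high_threshold_demo(n=7, secret=123456789):
    """Compare k = t+1 and k = 2t+1 sharing against the abstract's adversary:
    t corrupted parties plus t leaked honest shares, i.e. 2t shares in total.
    Returns, per scheme, which candidate secrets remain consistent with that view."""
    t = (n - 1) // 3
    candidates = [secret, secret + 1, 42]  # constructed guesses, true one first
    results = {}
    for label, k in (("standard", t + 1), ("high-threshold", 2 * t + 1)):
        shares = share(secret, n, k)
        adversary_view = shares[: 2 * t]
        results[label] = consistent_secrets(adversary_view, k, candidates)
        # Liveness check: the n - t honest parties (n >= 3t+1, so n - t >= 2t+1)
        # can still reconstruct under either threshold.
        assert reconstruct(shares[t:]) == secret
    return results


if __name__ == "__main__":
    for scheme, survivors in high_threshold_demo().items():
        print(f"{scheme:15s} adversary with 2t shares cannot rule out: {survivors}")
```

With $n = 7$ and $t = 2$, the standard scheme leaves only the true secret consistent with the adversary's four shares, since four points exceed its threshold of three; the high-threshold scheme leaves every candidate consistent, because four points are one short of its threshold of five, exactly the margin the abstract's $t$ additional leaked shares are meant to survive.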

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Asynchronous Verifiable Secret Sharing, Lightweight Cryptography, High-threshold Secrecy
Contact author(s)
chenghao2020@iscas.ac.cn
jiliang.li@xjtu.edu.cn
liuyizhong@buaa.edu.cn
luyuan@iscas.ac.cn
w.meng3@lancaster.ac.uk
zhenfeng@iscas.ac.cn
History
2024-10-30: approved
2024-10-29: received
Short URL
https://ia.cr/2024/1761
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1761,
      author = {Hao Cheng and Jiliang Li and Yizhong Liu and Yuan Lu and Weizhi Meng and Zhenfeng Zhang},
      title = {Resilience-Optimal Lightweight High-threshold Asynchronous Verifiable Secret Sharing},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1761},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1761}
}