Paper 2024/1781

New results in Share Conversion, with applications to evolving access structures

Tamar Ben David, Ariel University
Varun Narayanan, University of California, Los Angeles
Olga Nissenbaum, Ariel University
Anat Paskin-Cherniavsky, Ariel University
Abstract

We say there is a share conversion from a secret-sharing scheme Π to another scheme Π implementing the same access structure if each party can locally apply a deterministic function to their share to transform any valid secret-sharing under to a valid (but not necessarily random) secret-sharing under of the same secret. If such a conversion exists, we say that . This notion was introduced by Cramer et al. (TCC'05), where they particularly proved that for any access structure, any linear secret-sharing scheme over a given field , has a conversion from a CNF scheme, and is convertible to a DNF scheme. In this work, we initiate a systematic study of convertability between secret-sharing schemes, and present a number of results with implications to the understanding of the convertibility landscape. - In the context of linear schemes, we present two key theorems providing necessary conditions for convertibility, proved using linear-algebraic tools. It has several implications, such as the fact that Shamir secret-sharing scheme can be neither maximal or minimal. Another implication of it is that a scheme may be minimal if its share complexity is at least as high as that of DNF. - Our second key result is a necessary condition for convertibility to CNF from a broad class of (not necessarily linear) schemes. This result is proved via information-theoretic techniques and implies non-maximality for schemes with share complexity smaller than that of CNF. We also provide a condition which is both necessary and sufficient for the existence of a share conversion to some linear scheme. The condition is stated as a system of linear equations, such that a conversion exists if and only if a solution to the linear system exists. We note that the impossibility results for linear schemes may be viewed as identifying a subset of contradicting equations in the system. Another contribution of our paper, is in defining and studying share conversion for evolving secret-sharing schemes. In such a schemes, recently introduced by Komargodski et al. (IEEE ToIT'18), the number of parties is not bounded apriori, and every party receives a share as it arrives, which never changes in the sequel. Our impossibility results have implications to the evolving setting as well. Interestingly, unlike in the standard setting, there is no maximum or minimum in a broad class of evolving schemes, even without any restriction on the share size. Finally, we show that, generally, there is no conversion between additive schemes over different fields, even from CNF to DNF! However by relaxing from perfect to statistical security, it may be possible to convert, and examplify this for (n,n)-threshold access structures.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint.
Keywords
secret sharingshare conversionevolving secret sharinglinear secret sharingCNFDNFfeasibility
Contact author(s)
tamaryahav12 @ gmail com
varunnkv @ gmail com
olganissenbaum @ gmail com
anatpc @ ariel ac il
History
2025-03-28: revised
2024-10-31: received
See all versions
Short URL
https://ia.cr/2024/1781
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1781,
      author = {Tamar Ben David and Varun Narayanan and Olga Nissenbaum and Anat Paskin-Cherniavsky},
      title = {New results in Share Conversion, with applications to evolving access structures},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1781},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1781}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.