ar X iv : 1 10 3 . 25 44 v 1 [ cs . I T ] 1 3 M ar 2 01 1 Almost - perfect secret sharing

Splitting a secret s between several participants, we generate (for each value of s) shares for all participants. The goal: authorized groups of participants should be able to reconstruct the secret but forbidden ones get no information about it. In this paper we introduce several notions of non-perfect secret sharing, where some small information leak is permitted. We study its relation to the Kolmogorov complexity version of secret sharing (establishing some connection in both directions) and the effects of changing the secret size (showing that we can decrease the size of the secret and the information leak at the same time). Assume that we want to share a secret – say, a bit string x of length n – between two people in such a way that they can reconstruct it together but none of them can do this in isolation. This is simple, choose a random string r of length n and give r and r ⊕ x to the participants (r ⊕ x is a bitwise xor of x and r.) Both r and r ⊕ x in isolation are uniformly distributed among all n-bit strings, so they have no information about x. The general setting for secret sharing can be described as follows. We consider some finite set K whose elements are called secrets. We also have a finite set P of participants. An access structure is a non-empty set Γ whose elements are groups of participants, i.e., a non-empty subset of 2 P. Elements of Γ are called authorized groups of participants (that should be able to reconstruct the secret). Other subsets of P are called forbidden groups (that should get no information about the secret). We always assume that Γ is upward-closed (it is natural since a bigger group knows more) 1. In our initial example K = B n (the set of n-bit strings), P = {1, 2} (we have two participants labeled 1 and 2), and Γ consists of the set {1, 2} only. In general, perfect secret sharing can be defined as follows. For every participant p ∈ P a set S p is fixed; its elements are p's shares. For every k ∈ K we have a tuple of #P dependent random variables σ p ∈ S p. There are two conditions: • for every authorized set A ∈ Γ it is possible to reconstruct uniquely the secret k from the …