How to Split a Shared Secret into Shared Bits in Constant-Round

Authors

  • Ivan Damgård
  • Matthias Fitzi
  • Jesper Buus Nielsen
  • Tomas Toft
Abstract

We show that if a set of players hold shares of a value $a \in \mathbb{Z}_p$ for some prime $p$ (where the set of shares is written $[a]_p$), it is possible to compute, in constant round and with unconditional security, sharings of the bits of $a$, i.e. compute sharings $[a_0]_p, \ldots, [a_{\ell-1}]_p$ such that $\ell = \lceil \log_2(p) \rceil$, $a_0, \ldots, a_{\ell-1} \in \{0, 1\}$ and $a = \sum_{i=0}^{\ell-1} a_i 2^i$. Our protocol is secure against active adversaries and works for any linear secret sharing scheme with a multiplication protocol. This result immediately implies solutions to other long-standing open problems, such as constant-round and unconditionally secure protocols for comparing shared numbers and deciding whether a shared number is zero. The complexity of our protocol is $O(\ell \log(\ell))$ invocations of the multiplication protocol for the underlying secret sharing scheme, carried out in O(1).


Similar resources

Multiparty Computation for Interval, Equality, and Comparison Without Bit-Decomposition Protocol

Damgård et al. [11] showed a novel technique to convert a polynomial sharing of secret a into the sharings of the bits of a in constant rounds, which is called the bit-decomposition protocol. The bit-decomposition protocol is a very powerful tool because it enables bit-oriented operations even if shared secrets are given as elements in the field. However, the bit-decomposition protocol is relati...


Unconditionally Secure Constant Round Multi-Party Computation for Equality, Comparison, Bits and Exponentiation

In this paper we are interested in efficient and secure constant round multi-party protocols which provide unconditional security against so-called honest-but-curious adversaries. In particular, we design a novel constant round protocol that converts from shares over $\mathbb{Z}_q$ to shares over the integers working for all shared inputs from $\mathbb{Z}_q$. Furthermore, we present a constant round protocol to secur...


An efficient way to access an array at a secret index

We propose cryptographic primitives for reading and assigning the (shared) secret found at a secret index in a vector of secrets. The problem can also be solved in constant round with existing general techniques based on arithmetic circuits and the “equality test” in [4]. However, the proposed technique requires exchanging fewer bits. The proposed primitives require a number of rounds that is in...


Unconditionally Secure Constant-Rounds Multi-party Computation for Equality, Comparison, Bits and Exponentiation

In this paper we are interested in efficient and secure constant round multi-party protocols which provide unconditional security against so-called honest-but-curious adversaries. In particular, we design a novel constant round protocol that converts from shares over $\mathbb{Z}_q$ to shares over the integers working for all shared inputs from $\mathbb{Z}_q$. Furthermore, we present a constant round protocol to secure...


Codes for Interactive Authentication

An authentication protocol is a procedure by which an informant tries to convey n bits of information, which we call an input message, to a recipient. An intruder, I, controls the network over which the informant and the recipient talk. I may change any message before it reaches its destination. If the protocol has security p, then the recipient must detect this cheating with probability at lea...


Journal title:
  • IACR Cryptology ePrint Archive

Volume 2005

Publication date 2005