TY - GEN
T1 - High-Threshold AVSS with Optimal Communication Complexity
AU - AlHaddad, Nicolas
AU - Varia, Mayank
AU - Zhang, Haibin
N1 - Publisher Copyright:
© 2021, International Financial Cryptography Association.
PY - 2021
Y1 - 2021
N2 - Asynchronous verifiable secret sharing (AVSS) protocols protect a secret that is distributed among n parties. Dual-threshold AVSS protocols guarantee consensus in the presence of t Byzantine failures and privacy if fewer than p parties attempt to reconstruct the secret. In this work, we construct a dual-threshold AVSS protocol called Haven that is optimal along several dimensions. First, it is a high-threshold AVSS scheme, meaning that it is a dual-threshold AVSS with optimal parameters t< n/ 3 and p< n- t. Second, it has O(n2) message complexity, and for large secrets it achieves the optimal O(n) communication overhead, without the need for a public key infrastructure or trusted setup. While these properties have been achieved individually before, to our knowledge this is the first protocol that achieves all of the above simultaneously. The core component of Haven is a high-threshold AVSS scheme for small secrets based on polynomial commitments that achieves O(n2log (n) ) communication overhead, as compared to prior schemes that require O(n3) overhead with t< n/ 4 Byzantine failures or O(n4) overhead for the recent high-threshold protocol of Kokoris-Kogias et al. (CCS 2020). Using standard amortization methods based on erasure coding, we can reduce the communication complexity to O(n| s| ) for a large secret s.
AB - Asynchronous verifiable secret sharing (AVSS) protocols protect a secret that is distributed among n parties. Dual-threshold AVSS protocols guarantee consensus in the presence of t Byzantine failures and privacy if fewer than p parties attempt to reconstruct the secret. In this work, we construct a dual-threshold AVSS protocol called Haven that is optimal along several dimensions. First, it is a high-threshold AVSS scheme, meaning that it is a dual-threshold AVSS with optimal parameters t< n/ 3 and p< n- t. Second, it has O(n2) message complexity, and for large secrets it achieves the optimal O(n) communication overhead, without the need for a public key infrastructure or trusted setup. While these properties have been achieved individually before, to our knowledge this is the first protocol that achieves all of the above simultaneously. The core component of Haven is a high-threshold AVSS scheme for small secrets based on polynomial commitments that achieves O(n2log (n) ) communication overhead, as compared to prior schemes that require O(n3) overhead with t< n/ 4 Byzantine failures or O(n4) overhead for the recent high-threshold protocol of Kokoris-Kogias et al. (CCS 2020). Using standard amortization methods based on erasure coding, we can reduce the communication complexity to O(n| s| ) for a large secret s.
UR - http://www.scopus.com/inward/record.url?scp=85119098547&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-64331-0_25
DO - 10.1007/978-3-662-64331-0_25
M3 - Conference contribution
AN - SCOPUS:85119098547
SN - 9783662643303
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 479
EP - 498
BT - Financial Cryptography and Data Security - 25th International Conference, FC 2021, Revised Selected Papers
A2 - Borisov, Nikita
A2 - Diaz, Claudia
PB - Springer Science and Business Media Deutschland GmbH
T2 - 25th International Conference on Financial Cryptography and Data Security, FC 2021
Y2 - 1 March 2021 through 5 March 2021
ER -