Publicly Verifiable Secret Sharing: Generic Constructions and Lattice-Based Instantiations in the Standard Model

Pham Nhat Minh, Khoa Nguyen, Willy Susilo, Khuong Nguyen-An

TL;DR

The paper addresses the lack of a post-quantum PVSS with standard-model security by introducing a generic PVSS framework built from an IND-CPA-secure PKE with unique key pairs and a lattice-based NIZK for gap languages. It then provides a lattice-based instantiation in the CRS model under the LWE assumption by designing trapdoor $\Sigma$-protocols and applying the LNPT20 compiler to obtain adaptive soundness and multi-theorem zero-knowledge. The construction uses ACPS09 as the PKE and integrates Shamir secret sharing to realize a PVSS pipeline that is publicly verifiable and resilient against quantum adversaries, with a thorough parameter and complexity analysis. This work establishes foundational feasibility for post-quantum PVSS in the standard model and sets the stage for practical optimizations and implementations. Note that it relies on a trusted third party to generate the CRS, in line with prior CRS-based PVSS frameworks; this trusted setup is the price of public verifiability in the lattice setting without random oracles.

Abstract

Publicly verifiable secret sharing (PVSS) allows a dealer to share a secret among a set of shareholders so that the secret can be reconstructed later from any set of qualified participants. In addition, any public verifier should be able to check the correctness of the sharing and reconstruction process. PVSS has been demonstrated to yield various applications, such as e-voting, distributed key generation, decentralized random number generation protocols, and multi-party computation. Although many concrete PVSS protocols have been proposed, their security is either proven in the random oracle model or relies on quantum-vulnerable assumptions such as factoring or discrete logarithm. In this work, we put forward a generic construction for PVSS that can be instantiated in the standard model under the Learning With Errors (LWE) assumption. Our instantiation provides the first post-quantum PVSS in the standard model, with a reasonable level of asymptotic efficiency.
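The sharing and reconstruction layer described above, as an added illustration that is not code from the paper. It implements Shamir secret sharing over a prime field: the dealer splits a secret into n shares with threshold t, any t shares reconstruct it by Lagrange interpolation, and a verifier can check that all n shares lie on a single polynomial of degree below t. In the paper's construction each share is additionally encrypted under a shareholder's PKE key and the consistency check is proved about the ciphertexts with a NIZK, so a public verifier never sees the shares in the clear; that layer is not modelled here. The field prime, the secret and the parameters below are constructed for the demonstration.

```python
"""Shamir secret sharing over GF(P) with a plaintext consistency check.

Added example, not the paper's code: it models only the Shamir layer that
the PVSS construction builds on, not the LWE-based encryption of shares
or the NIZK proof of consistency. P and all inputs are demo choices.
"""
import secrets

P = 2**127 - 1  # assumed demo field prime (Mersenne); not from the paper


def _lagrange_coeffs(xs, at):
    """Lagrange basis coefficients for evaluating the interpolating
    polynomial through the abscissas `xs` at the point `at`."""
    coeffs = []
    for i, xi in enumerate(xs):
        num = den = 1
        for j, xj in enumerate(xs):
            if i != j:
                num = num * (at - xj) % P
                den = den * (xi - xj) % P
        coeffs.append(num * pow(den, -1, P) % P)
    return coeffs


def share(secret, n, t, rng=secrets.randbelow):
    """Dealer: split `secret` into n shares (x, f(x)) for x = 1..n, where f
    is a uniformly random polynomial of degree t-1 with f(0) = secret.
    Any t shares reconstruct; any t-1 shares are consistent with every
    possible secret."""
    assert 1 <= t <= n < P
    coeffs = [secret % P] + [rng(P) for _ in range(t - 1)]

    def f(x):
        return sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P

    return [(x, f(x)) for x in range(1, n + 1)]


def interpolate(shares, at):
    """Evaluate the unique polynomial of degree < len(shares) through the
    given points at the abscissa `at`."""
    xs = [x for x, _ in shares]
    coeffs = _lagrange_coeffs(xs, at)
    return sum(c * y for c, (_, y) in zip(coeffs, shares)) % P


def reconstruct(qualified_shares):
    """Reconstruction from a qualified set: the secret is f(0)."""
    return interpolate(qualified_shares, 0)


def sharing_is_consistent(shares, t):
    """Verifier's check on a full sharing: all shares lie on one polynomial
    of degree < t. This is the plaintext statement that the PVSS NIZK
    proves about the encrypted shares; a corrupted or inconsistent share
    breaks it."""
    base, rest = shares[:t], shares[t:]
    return all(interpolate(base, x) == y for x, y in rest)


if __name__ == "__main__":
    secret, n, t = 123456789, 5, 3  # constructed demo values
    shares = share(secret, n, t)
    assert reconstruct(shares[:t]) == secret
    assert reconstruct([shares[0], shares[2], shares[4]]) == secret
    assert sharing_is_consistent(shares, t)
    # A dealer who publishes one bad share is caught by the consistency check.
    x, y = shares[-1]
    tampered = shares[:-1] + [(x, (y + 1) % P)]
    assert not sharing_is_consistent(tampered, t)
    print("shamir demo ok")
```

The consistency check interpolates from the first t shares and tests the remaining n-t against that polynomial, so it costs O(n t) field operations; when n equals t it is vacuously true, since any t points define a degree-(t-1) polynomial. The PVSS verifier in the paper performs the analogous check without ever learning the shares, which is exactly what the NIZK for a gap language provides.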

Paper Structure

This paper contains 38 sections, 13 theorems, 17 equations, 4 figures, 2 tables.

Key Result

Lemma 1

For any $\sigma=\omega(v)$, it holds that

Figures (4)

  • Figure 1: The game $\mathbf{Game}^{\mathsf{Gen-IND-CPA}}_b(\mathcal{A},t)$.
  • Figure 2: Game $\mathbf{Game}^{\mathsf{PVSS}-\mathsf{Correctness}}(\mathcal{A},s)$.
  • Figure 3: Game $\mathbf{Game}^{\mathsf{PVSS}-\mathsf{Ver}}(\mathcal{A})$.
  • Figure 4: Game $\mathbf{Game}^{\mathsf{PVSS}-\mathsf{IND}}_b(\mathcal{A})$ with supporting interactive oracle $\mathcal{O}_{\mathsf{PVSS},\mathcal{A}}(.)$.

Theorems & Definitions (42)

  • Lemma 1: MR04, Theorem 4.4 and LST18, Lemma 2.1, Adapted
  • Lemma 2
  • proof
  • Lemma 3: L12, Theorem 4.6
  • Definition 1: The LWE Assumption
  • Lemma 4: MP12, Theorem 5.1
  • Definition 2: PKE
  • Definition 3: Key Correctness
  • Definition 4: Encryption Correctness
  • Definition 5: Multi-key IND-CPA Security CDGK22
  • ...and 32 more