On the Context-Hiding Property of Shamir-Based Homomorphic Secret Sharing
Shuai Feng, Liang Feng Zhang
TL;DR
Problem: whether output shares in information-theoretic HSS (IT-HSS) leak information beyond the function output. Approach: formalizes per-function context-hiding via the experiment Exp_{A,IT-HSS}^{Ctx-Hid}(f) and analyzes Shamir-based IT-HSS for monomials and polynomials. Contributions: (i) a per-function context-hiding definition; (ii) perfect context-hiding results for constants and linear monomials, and domain-restricted perfect hiding for certain higher-degree monomials; (iii) negative context-hiding results for multilinear monomials on F_p^d; (iv) a polynomial equivalence framework preserving context-hiding across equivalent polynomials. Significance: informs HSS/MPC design to avoid unnecessary rerandomization and improve upload efficiency.
Abstract
Homomorphic secret sharing (HSS) allows multiple input clients to secretly share their private inputs to a function among several servers such that each server can homomorphically compute the function over its share to produce a share of the function's output. In HSS-enabled applications such as secure multi-party computation (MPC), security requires that the output shares leak no more information about the inputs than the function output. Such security is ensured by the context-hiding property of HSS. The typical rerandomization technique achieves context hiding but increases the share size. To address this, we formalize the context-hiding property of HSS for individual functions, examine the context-hiding property of Shamir-based HSS for monomials, and extend the study to polynomials.
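The leakage the abstract describes can be checked exhaustively on a toy instance. The following is an added example, not code from the paper: it enumerates all sharing randomness for the multilinear monomial f(x1, x2) = x1*x2 and compares the output-share distributions of two inputs with the same output. Assumptions: the field F_5, three servers at points 1, 2, 3, threshold t = 1, and a generic rerandomization that adds a random degree-2 sharing of zero (not necessarily the paper's construction).

```python
from collections import Counter
from itertools import product

P = 5                 # small prime so all randomness can be enumerated (assumed)
POINTS = (1, 2, 3)    # evaluation points of the 3 servers (assumed), threshold t = 1

def share(x, a):
    """Degree-1 Shamir sharing of x with random coefficient a."""
    return [(x + a * j) % P for j in POINTS]

def output_share_dist(x1, x2, rerandomize=False):
    """Exact distribution of the output-share vector for f(x1, x2) = x1*x2."""
    dist = Counter()
    mask_space = range(P) if rerandomize else (0,)
    for a, b, r1, r2 in product(range(P), range(P), mask_space, mask_space):
        s1, s2 = share(x1, a), share(x2, b)
        # Each server multiplies its two input shares locally; with
        # rerandomization it adds a share of 0 on a random degree-2 polynomial.
        ys = tuple((u * v + r1 * j + r2 * j * j) % P
                   for u, v, j in zip(s1, s2, POINTS))
        dist[ys] += 1
    return dist

def reconstruct(ys):
    """Lagrange interpolation at 0 over the three server points."""
    total = 0
    for i, xi in enumerate(POINTS):
        num = den = 1
        for k, xk in enumerate(POINTS):
            if k != i:
                num = num * (-xk) % P
                den = den * (xi - xk) % P
        total = (total + ys[i] * num * pow(den, -1, P)) % P
    return total

def context_hiding(inp_a, inp_b, rerandomize=False):
    """True iff two inputs yield identical output-share distributions."""
    return (output_share_dist(*inp_a, rerandomize)
            == output_share_dist(*inp_b, rerandomize))

if __name__ == "__main__":
    # (0,0) and (0,1) both evaluate to 0, yet the raw output shares differ.
    print(context_hiding((0, 0), (0, 1)))                    # False
    print(context_hiding((0, 0), (0, 1), rerandomize=True))  # True
    print(reconstruct(next(iter(output_share_dist(2, 3)))))  # 1 = 2*3 mod 5
```

Without the mask, the output shares lie on the product of two degree-1 polynomials, so for input (0,0) the linear coefficient is always zero while for (0,1) it is uniform; the mask removes this difference at the cost of extra shared randomness.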
