TY - JOUR
T1 - Randomness Recoverable Secret Sharing Schemes
AU - Hajiabadi, Mohammad
AU - Khazaei, Shahram
AU - Vahdani, Behzad
N1 - Publisher Copyright:
© International Association for Cryptologic Research 2024.
PY - 2024/12
Y1 - 2024/12
N2 - It is well-known that randomness is essential for secure cryptography. The randomness used in cryptographic primitives is not necessarily recoverable even by the party who can, e.g., decrypt or recover the underlying secret/message. Several cryptographic primitives that support randomness recovery have turned out useful in various applications. In this paper, we study randomness recoverable secret sharing schemes (RR-SSS), in both information-theoretic and computational settings and provide two results. First, we show that while every access structure admits a perfect RR-SSS, there are very simple access structures (e.g., in monotone AC0) that do not admit efficient perfect (or even statistical) RR-SSS. Second, we show that the existence of efficient computational RR-SSS for certain access structures in monotone AC0 implies the existence of one-way functions. This stands in sharp contrast to (non-RR) SSS schemes for which no such results are known. RR-SSS plays a key role in making advanced attributed-based encryption schemes randomness recoverable, which in turn have applications in the context of designated-verifier non-interactive zero knowledge.
AB - It is well-known that randomness is essential for secure cryptography. The randomness used in cryptographic primitives is not necessarily recoverable even by the party who can, e.g., decrypt or recover the underlying secret/message. Several cryptographic primitives that support randomness recovery have turned out useful in various applications. In this paper, we study randomness recoverable secret sharing schemes (RR-SSS), in both information-theoretic and computational settings and provide two results. First, we show that while every access structure admits a perfect RR-SSS, there are very simple access structures (e.g., in monotone AC0) that do not admit efficient perfect (or even statistical) RR-SSS. Second, we show that the existence of efficient computational RR-SSS for certain access structures in monotone AC0 implies the existence of one-way functions. This stands in sharp contrast to (non-RR) SSS schemes for which no such results are known. RR-SSS plays a key role in making advanced attributed-based encryption schemes randomness recoverable, which in turn have applications in the context of designated-verifier non-interactive zero knowledge.
UR - http://www.scopus.com/inward/record.url?scp=85201675600&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85201675600&partnerID=8YFLogxK
U2 - 10.1007/s00145-024-09515-4
DO - 10.1007/s00145-024-09515-4
M3 - Article
AN - SCOPUS:85201675600
SN - 0933-2790
VL - 37
JO - Journal of Cryptology
JF - Journal of Cryptology
IS - 4
M1 - 34
ER -