Ideal hierarchical secret sharing schemes

Hierarchical secret sharing is among the most natural generalizations of threshold secret sharing, and it has attracted a lot of attention from the invention of secret sharing until nowadays. Several constructions of ideal hierarchical secret sharing schemes have been proposed, but it was not known what access structures admit such a scheme. We solve this problem by providing a natural definition for the family of the hierarchical access structures and, more importantly, by presenting a complete characterization of the ideal hierarchical access structures, that is, the ones admitting an ideal secret sharing scheme. Our characterization deals with the properties of the hierarchically minimal sets of the access structure, which are the minimal qualified sets whose participants are in the lowest possible levels in the hierarchy. By using our characterization, it can be efficiently checked whether any given hierarchical access structure that is defined by its hierarchically minimal sets is ideal. We use the well known connection between ideal secret sharing and matroids and, in particular, the fact that every ideal access structure is a matroid port. In addition, we use recent results on ideal multipartite access structures and the connection between multipartite matroids and integer polymatroids. We prove that every ideal hierarchical access structure is the port of a representable matroid and, more specifically, we prove that every ideal structure in this family admits ideal linear secret sharing schemes over fields of all characteristics. In addition, methods to construct such ideal schemes can be derived from the results in this paper and the aforementioned ones on ideal multipartite secret sharing. Finally, we use our results to find a new proof for the characterization of the ideal weighted threshold access structures that is simpler than the existing one.Peer ReviewedPostprint (author's final draft

On the optimization of bipartite secret sharing schemes

Optimizing the ratio between the maximum length of the shares and the length of the secret value in secret sharing schemes for general access structures is an extremely difficult and long-standing open problem. In this paper, we study it for bipartite access structures, in which the set of participants is divided in two parts, and all participants in each part play an equivalent role. We focus on the search of lower bounds by using a special class of polymatroids that is introduced here, the tripartite ones. We present a method based on linear programming to compute, for every given bipartite access structure, the best lower bound that can be obtained by this combinatorial method. In addition, we obtain some general lower bounds that improve the previously known ones, and we construct optimal secret sharing schemes for a family of bipartite access structures.Peer ReviewedPostprint (author's final draft

Infinite Secret Sharing -- Examples

The motivation for extending secret sharing schemes to cases when either the set of players is infinite or the domain from which the secret and/or the shares are drawn is infinite or both, is similar to the case when switching to abstract probability spaces from classical combinatorial probability. It might shed new light on old problems, could connect seemingly unrelated problems, and unify diverse phenomena. Definitions equivalent in the finitary case could be very much different when switching to infinity, signifying their difference. The standard requirement that qualified subsets should be able to determine the secret has different interpretations in spite of the fact that, by assumption, all participants have infinite computing power. The requirement that unqualified subsets should have no, or limited information on the secret suggests that we also need some probability distribution. In the infinite case events with zero probability are not necessarily impossible, and we should decide whether bad events with zero probability are allowed or not. In this paper, rather than giving precise definitions, we enlist an abundance of hopefully interesting infinite secret sharing schemes. These schemes touch quite diverse areas of mathematics such as projective geometry, stochastic processes and Hilbert spaces. Nevertheless our main tools are from probability theory. The examples discussed here serve as foundation and illustration to the more theory oriented companion paper

Optimal non-perfect uniform secret sharing schemes

A secret sharing scheme is non-perfect if some subsets of participants that cannot recover the secret value have partial information about it. The information ratio of a secret sharing scheme is the ratio between the maximum length of the shares and the length of the secret. This work is dedicated to the search of bounds on the information ratio of non-perfect secret sharing schemes. To this end, we extend the known connections between polymatroids and perfect secret sharing schemes to the non-perfect case. In order to study non-perfect secret sharing schemes in all generality, we describe their structure through their access function, a real function that measures the amount of information that every subset of participants obtains about the secret value. We prove that there exists a secret sharing scheme for every access function. Uniform access functions, that is, the ones whose values depend only on the number of participants, generalize the threshold access structures. Our main result is to determine the optimal information ratio of the uniform access functions. Moreover, we present a construction of linear secret sharing schemes with optimal information ratio for the rational uniform access functions.Peer ReviewedPostprint (author's final draft

On Ideal Secret-Sharing Schemes for kk-homogeneous access structures

A $k$-uniform hypergraph is a hypergraph where each $k$-hyperedge has exactly $k$ vertices. A $k$-homogeneous access structure is represented by a $k$-uniform hypergraph $\mathcal{H}$, in which the participants correspond to the vertices of hypergraph $\mathcal{H}$. A set of vertices can reconstruct the secret value from their shares if they are connected by a $k$-hyperedge, while a set of non-adjacent vertices does not obtain any information about the secret. One parameter for measuring the efficiency of a secret sharing scheme is the information rate, defined as the ratio between the length of the secret and the maximum length of the shares given to the participants. Secret sharing schemes with an information rate equal to one are called ideal secret sharing schemes. An access structure is considered ideal if an ideal secret sharing scheme can realize it. Characterizing ideal access structures is one of the important problems in secret sharing schemes. The characterization of ideal access structures has been studied by many authors~\cite{BD, CT,JZB, FP1,FP2,DS1,TD}. In this paper, we characterize ideal $k$-homogeneous access structures using the independent sequence method. In particular, we prove that the reduced access structure of $\Gamma$ is an $(k, n)$-threshold access structure when the optimal information rate of $\Gamma$ is larger than $\frac{k-1}{k}$, where $\Gamma$ is a $k$-homogeneous access structure satisfying specific criteria.Comment: 19 page

Secret sharing and duality

Secret sharing is an important building block in cryptography. All explicitly defined secret sharing schemes with known exact complexity bounds are multi-linear, thus are closely related to linear codes. The dual of such a linear scheme, in the sense of duality of linear codes, gives another scheme for the dual access structure. These schemes have the same complexity, namely the largest share size relative to the secret size is the same. It is a long-standing open problem whether this fact is true in general: the complexity of any access structure is the same as the complexity of its dual. We give an almost answer to this question. An almost perfect scheme allows negligible errors, both in the recovery and in the independence. There exists an almost perfect ideal scheme on 174 participants whose complexity is strictly smaller than that of its dual

Secret sharing schemes: Optimizing the information ratio

Secret sharing refers to methods used to distribute a secret value among a set of participants. This work deals with the optimization of two parameters regarding the efficiency of a secret sharing scheme: the information ratio and average information ratio. Only access structures (a special family of sets) on 5 and 6 participants will be considered. First, access structures with 5 participants will be studied, followed by the ones on 6 participants that are based on graphs. The main goal of the paper is to check existing lower bounds (and improve some of them) by using linear programs with the sage solver. Shannon information inequalities have been used to translate the polymatroid axioms into linear constraints