On the optimization of bipartite secret sharing schemes

Optimizing the ratio between the maximum length of the shares and the length of the secret value in secret sharing schemes for general access structures is an extremely difficult and long-standing open problem. In this paper, we study it for bipartite access structures, in which the set of participants is divided in two parts, and all participants in each part play an equivalent role. We focus on the search of lower bounds by using a special class of polymatroids that is introduced here, the tripartite ones. We present a method based on linear programming to compute, for every given bipartite access structure, the best lower bound that can be obtained by this combinatorial method. In addition, we obtain some general lower bounds that improve the previously known ones, and we construct optimal secret sharing schemes for a family of bipartite access structures.Peer ReviewedPostprint (author's final draft

Finding lower bounds on the complexity of secret sharing schemes by linear programming

Optimizing the maximum, or average, length of the shares in relation to the length of the secret for every given access structure is a difficult and long-standing open problem in cryptology. Most of the known lower bounds on these parameters have been obtained by implicitly or explicitly using that every secret sharing scheme defines a polymatroid related to the access structure. The best bounds that can be obtained by this combinatorial method can be determined by using linear programming, and this can be effectively done for access structures on a small number of participants. By applying this linear programming approach, we improve some of the known lower bounds for the access structures on five participants and the graph access structures on six participants for which these parameters were still undetermined. Nevertheless, the lower bounds that are obtained by this combinatorial method are not tight in general. For some access structures, they can be improved by adding to the linear program non-Shannon information inequalities as new constraints. We obtain in this way new separation results for some graph access structures on eight participants and for some ports of non-representable matroids. Finally, we prove that, for two access structures on five participants, the combinatorial lower bound cannot be attained by any linear secret sharing schemePeer ReviewedPostprint (author's final draft

Secret Sharing Based on a Hard-on-Average Problem

The main goal of this work is to propose the design of secret sharing schemes based on hard-on-average problems. It includes the description of a new multiparty protocol whose main application is key management in networks. Its unconditionally perfect security relies on a discrete mathematics problem classiffied as DistNP-Complete under the average-case analysis, the so-called Distributional Matrix Representability Problem. Thanks to the use of the search version of the mentioned decision problem, the security of the proposed scheme is guaranteed. Although several secret sharing schemes connected with combinatorial structures may be found in the bibliography, the main contribution of this work is the proposal of a new secret sharing scheme based on a hard-on-average problem, which allows to enlarge the set of tools for designing more secure cryptographic applications

Ideal hierarchical secret sharing schemes

Hierarchical secret sharing is among the most natural generalizations of threshold secret sharing, and it has attracted a lot of attention from the invention of secret sharing until nowadays. Several constructions of ideal hierarchical secret sharing schemes have been proposed, but it was not known what access structures admit such a scheme. We solve this problem by providing a natural definition for the family of the hierarchical access structures and, more importantly, by presenting a complete characterization of the ideal hierarchical access structures, that is, the ones admitting an ideal secret sharing scheme. Our characterization deals with the properties of the hierarchically minimal sets of the access structure, which are the minimal qualified sets whose participants are in the lowest possible levels in the hierarchy. By using our characterization, it can be efficiently checked whether any given hierarchical access structure that is defined by its hierarchically minimal sets is ideal. We use the well known connection between ideal secret sharing and matroids and, in particular, the fact that every ideal access structure is a matroid port. In addition, we use recent results on ideal multipartite access structures and the connection between multipartite matroids and integer polymatroids. We prove that every ideal hierarchical access structure is the port of a representable matroid and, more specifically, we prove that every ideal structure in this family admits ideal linear secret sharing schemes over fields of all characteristics. In addition, methods to construct such ideal schemes can be derived from the results in this paper and the aforementioned ones on ideal multipartite secret sharing. Finally, we use our results to find a new proof for the characterization of the ideal weighted threshold access structures that is simpler than the existing one.Peer ReviewedPostprint (author's final draft

Exact information ratios for secret sharing on small graphs with girth at least 5

In a secret-sharing scheme, a piece of information – the secret – is distributed among a finite set of participants in such a way that only some predefined coalitions can recover it. The efficiency of the scheme is measured by the amount of information the most heavily loaded participant must remember. This amount is called information ratio, and one of the most interesting problems of this topic is to calculate the exact information ratio of given structures. In this paper, the information ratios of all but one graph-based schemes on 8 or 9 vertices with a girth at least 5 and all graph-based schemes on 10 vertices and 10 edges with a girth at least 5 are determined using two polyhedral combinatoric tools: the entropy method and covering with stars. Beyond the investigation of new graphs, the paper contains a few improvements and corrections of recent results on graphs with 9 vertices. Furthermore, we determine the exact information ratio of a large class of generalized sunlet graphs consisting of some pendant paths attached to a cycle of length at least 5