International Association for Cryptologic Research (IACR)
Abstract
Rational secret sharing protocols in both the two-party and
multi-party settings are proposed. These protocols are built for
standard communication networks and achieve unconditional security.
Namely, the protocols run over standard point-to-point networks
without requiring physical assumptions or simultaneous channels, and
even a computationally unbounded player cannot gain more than
ϵ by deviating from the protocol. More precisely, for the
2-out-of-2 protocol, ϵ is a negligible function of
the size of the secret, which is caused by the information-theoretic
MACs used for authentication. The t-out-of-n protocol is
(t−1)-resilient, and ϵ is exponentially small in the
number of participants. Although secret recovery cannot be
guaranteed in this setting, a participant can at least reduce the
Shannon entropy of the secret to less than 1 after the protocol.
When the secret domain is large, every rational player has a great
incentive to participate in the protocol.
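
The link between ϵ and the size of the secret in the 2-out-of-2 case can be seen in a small sketch. This is an added example, not the paper's protocol: it assumes additive sharing over a prime field GF(p) and the textbook one-time MAC tag = a·m + b mod p, and all function names and the share layout are hypothetical. The exhaustive count models a computationally unbounded player who has seen one valid (share, tag) pair.

```python
import secrets

P = 2**61 - 1  # assumed secret domain GF(P); a Mersenne prime chosen for the demo

def share(secret, p=P):
    """Additive 2-out-of-2 sharing: secret = s1 + s2 (mod p)."""
    s1 = secrets.randbelow(p)
    return s1, (secret - s1) % p

def keygen(p=P):
    """One-time MAC key (a, b), uniform over GF(p)^2."""
    return secrets.randbelow(p), secrets.randbelow(p)

def tag(key, m, p=P):
    """tag = a*m + b (mod p); strongly universal, so secure for ONE message."""
    a, b = key
    return (a * m + b) % p

def verify(key, m, t, p=P):
    return tag(key, m, p) == t

def deal(secret, p=P):
    """Each party gets its share, a tag on it, and the key that checks the OTHER share."""
    s1, s2 = share(secret, p)
    k1, k2 = keygen(p), keygen(p)  # k1 authenticates s1, k2 authenticates s2
    party1 = {"share": s1, "tag": tag(k1, s1, p), "peer_key": k2}
    party2 = {"share": s2, "tag": tag(k2, s2, p), "peer_key": k1}
    return party1, party2

def reconstruct(me, peer_share, peer_tag, p=P):
    """Return the secret, or None if the peer's share fails authentication."""
    if not verify(me["peer_key"], peer_share, peer_tag, p):
        return None
    return (me["share"] + peer_share) % p

def accepting_keys(p, m, t, m_forged, t_forged):
    """Unbounded player's view: of the p keys consistent with the one observed
    pair (m, t), how many accept the forgery? Exhaustive, so small p only."""
    consistent = [(a, (t - a * m) % p) for a in range(p)]
    return sum(verify(k, m_forged, t_forged, p) for k in consistent)

if __name__ == "__main__":
    p1, p2 = deal(123456789)                      # constructed sample secret
    print(reconstruct(p1, p2["share"], p2["tag"]))
    # A wrong share with the old tag is rejected unless a == 0 (probability 1/P).
    print(reconstruct(p1, (p2["share"] + 1) % P, p2["tag"]))
    print(accepting_keys(101, 7, 42, 8, 5), "of 101 consistent keys accept a forged share")
```

For every forged share different from the real one, exactly one of the p consistent keys accepts, so the cheating probability is 1/p regardless of computing power and shrinks as the secret domain grows.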