Conditional Disclosure of Secrets via Non-linear Reconstruction

© International Association for Cryptologic Research 2017. We present new protocols for conditional disclosure of secrets (CDS), where two parties want to disclose a secret to a third party if and only if their respective inputs satisfy some predicate. – For general predicates (Formula Presented.), we present two protocols that achieve o(N1/2) communication: the first achieves O(N1/3) communication and the second achieves sub-polynomial (Formula Presented.) communication. – As a corollary, we obtain improved share complexity for forbidden graph access structures. Namely, for every graph on N vertices, there is a secret-sharing scheme for N parties in which each pair of parties can reconstruct the secret if and only if the corresponding vertices in G are connected, and where each party gets a share of size (Formula Presented.). Prior to this work, the best protocols for both primitives required communication complexity (Formula Presented.). Indeed, this is essentially the best that all prior techniques could hope to achieve as they were limited to so-called “linear reconstruction”. This is the first work to break this O(N1/2) “linear reconstruction” barrier in settings related to secret sharing. To obtain these results, we draw upon techniques for non-linear reconstruction developed in the context of information-theoretic private information retrieval. We further extend our results to the setting of private simultaneous messages (PSM), and provide applications such as an improved attribute-based encryption (ABE) for quadratic polynomials.