Next talk

Traceable Secret Sharing and Applications

Akshayaram Srinivasan, TIFR Mumbai


Abstract:

Consider a scenario where Alice stores some secret data s on n servers using a t-out-of-n secret sharing scheme. Trudy (the collector) is interested in the secret data of Alice and is willing to pay for it. Trudy publishes an advertisement on the internet which describes an elaborate cryptographic scheme to collect the shares from the n servers. Each server who decides to submit its share is paid a hefty monetary reward and is guaranteed ``immunity" from being caught or prosecuted in a court for violating its service agreement with Alice. Bob is one of the servers and sees this advertisement. On examining the collection scheme closely, Bob concludes that there is no way for Alice to prove anything in a court that he submitted his share. Indeed, if Bob is rational, he might use the cryptographic scheme in the advertisement and submit his share since there are no penalties and no fear of being caught and prosecuted. Can we design a secret sharing scheme which Alice can use to avoid such a scenario?


We introduce a new primitive called Traceable Secret Sharing to tackle this problem. In particular, a traceable secret sharing scheme guarantees that a cheating server always runs the risk of getting traced and prosecuted by providing valid evidence (which can be examined in a court of law) implicating its dishonest behavior. We explore various definitional aspects and show how they are highly non-trivial to construct (even ignoring efficiency aspects). We then give an efficient construction of traceable secret sharing assuming the existence of secure two-party computation protocol. We also show an application of this primitive in the constructing traceable protocols for multi-server delegation of computation.


This is based on joint work with Vipul Goyal and Yifan Song


Bio:


Akshayaram Srinivasan is a Reader in the School of Technology and Computer Science at Tata Institute of Fundamental Research, Mumbai. He obtained his PhD in Computer Science from University of California, Berkeley and his B.Tech in Computer Science from IIT-Madras. His primary research interests are in the theory and applications of Cryptography. His research has been recognized with a Best Paper Award at EUROCRYPT 2018 and with an invitation to the Journal of Cryptology for a paper in CRYPTO 2019.