Distributed Multi-User Secret Sharing
A distributed secret sharing system is considered that consists of a dealer, n storage nodes, and m users. Each user is given access to a certain subset of storage nodes where it can download the data. The dealer wants to securely convey a specific secret s_j to user j via storage nodes, for j=1,2,...,m, in such a way that no user gets any information about other users' secrets in an information-theoretic sense. To this end, we propose to study protocols where the dealer encodes secrets into several secret shares and loads them into the storage nodes. Given a certain number of storage nodes we find the maximum number of users that can be served in such protocols and construct schemes that achieve this. We further define two major properties for such distributed secret sharing systems; communication complexity is defined as the total amount of data that needs to be downloaded by users in order to reconstruct their secrets; and storage overhead is defined as the total amount of data loaded by the dealer into the storage nodes normalized by the total size of secrets. The minimum possible communication complexity and a lower bound on storage overhead are characterized given any n and m. Furthermore, we construct distributed secret sharing protocols, under certain conditions on the system parameters, that achieve the minimum communication complexity and attain the lower bound on the storage overhead thereby providing schemes that are optimal in terms of both the communication complexity and storage overhead. It is shown how to modify the proposed protocols in order to construct schemes for any set of parameters while providing a nearly optimal storage overhead.
READ FULL TEXT