The Torsion-Limit for Algebraic Function Fields and Its Application to Arithmetic Secret Sharing

  • Ignacio Cascudo
  • Ronald Cramer
  • Chaoping Xing
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6841)


An (n, t, d, n − t)-arithmetic secret sharing scheme (with uniformity) for \(\mathbb F_{q}^k\) over \(\mathbb F_{q}\) is an \(\mathbb F_{q}\)-linear secret sharing scheme where the secret is selected from \(\mathbb F_{q}^k\) and each of the n shares is an element of \(\mathbb F_{q}\). Moreover, there is t-privacy (in addition, any t shares are uniformly random in \(\mathbb F_{q}^t\)) and, if one considers the d-fold “component-wise” product of any d sharings, then the d-fold component-wise product of the d respective secrets is (n − t)-wise uniquely determined by it. Such schemes are a fundamental primitive in information-theoretically secure multi-party computation. Perhaps counter-intuitively, secure multi-party computation is a very powerful primitive for communication-efficient two-party cryptography, as shown recently in a series of surprising results from 2007 on. Moreover, the existence of asymptotically good arithmetic secret sharing schemes plays a crucial role in their communication-efficiency: for each d ≥ 2, if A(q) > 2d, where A(q) is Ihara’s constant, then there exists an infinite family of such schemes over \(\mathbb F_{q}\) such that n is unbounded, k = Ω(n) and t = Ω(n), as follows from a result at CRYPTO’06. Our main contribution is a novel paradigm for constructing asymptotically good arithmetic secret sharing schemes from towers of algebraic function fields. It is based on a new limit that, for a tower with a given Ihara limit and given positive integer ℓ, gives information on the cardinality of the ℓ-torsion sub-groups of the associated degree-zero divisor class groups and that we believe is of independent interest. As an application of the bounds we obtain, we relax the condition A(q) > 2d from the CRYPTO’06 result substantially in terms of our torsion-limit. As a consequence, this result now holds over nearly all finite fields \(\mathbb F_{q}\). For example, if d = 2, it is sufficient that q = 8, 9 or q ≥ 16.
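The definition above is easiest to see in its simplest instance. The following Python example is added here and is not code from the paper: it implements Shamir's scheme over a small prime field F_13 (the genus-zero, rational-function-field case, with k = 1) and checks the two properties the abstract names: t-privacy with uniform shares, verified exhaustively, and that the component-wise product of d sharings is uniquely determined by any n − t of the product shares, which for Shamir holds exactly when n − t ≥ dt + 1. The field size P, the parameters n, t and d, the secrets and all function names are constructed for this illustration. Shamir needs n ≤ q − 1 because shares are evaluations at distinct non-zero field elements; that cap on n for a fixed q is what the paper's towers of function fields remove, at the price of the conditions on A(q) discussed in the abstract.

```python
"""Toy (n, t, d, n - t) arithmetic secret sharing over a prime field F_P.

Added illustration, not the paper's code: Shamir's scheme is the genus-0
instance (secret in F_P, k = 1).  It shows t-privacy with uniform shares and
(n - t)-wise unique determination of the product of d secrets from the
component-wise product of d sharings.  Shamir needs n <= P - 1, which is the
limitation the paper's towers of function fields remove.
"""
import random
from itertools import combinations, product

P = 13  # prime field size (constructed; small enough to check privacy exhaustively)


def eval_poly(coeffs, x):
    """Evaluate [c0, c1, ..., cm] at x in F_P (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def share(secret, n, t, rng=random):
    """Shamir sharing: random f of degree <= t with f(0) = secret; share i is f(i)."""
    assert 1 <= n <= P - 1, "evaluation points 1..n must be distinct non-zero field elements"
    coeffs = [secret % P] + [rng.randrange(P) for _ in range(t)]
    return [(x, eval_poly(coeffs, x)) for x in range(1, n + 1)]


def lagrange_eval(points, x):
    """Evaluate at x the unique polynomial of degree < len(points) through the points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def reconstruct(points, degree):
    """Recover f(0) from >= degree + 1 evaluations of a polynomial of degree <= degree.

    Interpolates through the first degree + 1 points and checks the remaining
    points lie on that polynomial (the 'uniquely determined' condition).
    """
    if len(points) < degree + 1:
        raise ValueError("not enough shares to determine the polynomial")
    base = points[: degree + 1]
    for x, y in points[degree + 1:]:
        if lagrange_eval(base, x) != y:
            raise ValueError("shares are not consistent with one polynomial")
    return lagrange_eval(base, 0)


def product_of_sharings(sharings):
    """Component-wise product of d sharings that use the same evaluation points."""
    out = []
    for idx, (x, _) in enumerate(sharings[0]):
        v = 1
        for s in sharings:
            assert s[idx][0] == x
            v = v * s[idx][1] % P
        out.append((x, v))
    return out


def product_reconstruction_ok(secrets, n, t, rng=random):
    """Share each of the d secrets with degree t, multiply the sharings
    component-wise, and check that EVERY (n - t)-subset of the product shares
    yields the product of the secrets.  Needs n - t >= d*t + 1."""
    d = len(secrets)
    if n - t < d * t + 1:
        return False  # the degree-d*t product polynomial is not pinned down by n - t points
    prod_shares = product_of_sharings([share(s, n, t, rng) for s in secrets])
    expected = 1
    for s in secrets:
        expected = expected * s % P
    return all(reconstruct(list(sub), d * t) == expected
               for sub in combinations(prod_shares, n - t))


def t_privacy_is_uniform(t, positions):
    """Exhaustive t-privacy check: for every secret, as the t random coefficients
    range over F_P^t, the share tuple at the t given positions hits every value
    of F_P^t exactly once, so t shares are uniform and independent of the secret."""
    assert len(positions) == t
    for secret in range(P):
        counts = {}
        for tail in product(range(P), repeat=t):
            key = tuple(eval_poly([secret] + list(tail), x) for x in positions)
            counts[key] = counts.get(key, 0) + 1
        if len(counts) != P ** t or any(c != 1 for c in counts.values()):
            return False
    return True


if __name__ == "__main__":
    # n = 7, t = 2, d = 2: n - t = 5 >= 2*2 + 1, so products reconstruct from any 5 shares.
    print("d=2 product reconstruction:", product_reconstruction_ok([3, 5], 7, 2))
    print("d=2 with n=6 (too small):  ", product_reconstruction_ok([3, 5], 6, 2))
    print("2-privacy uniform:         ", t_privacy_is_uniform(2, [2, 5]))
```

The check in `product_reconstruction_ok` enumerates every (n − t)-subset rather than one, because the abstract's condition is that any n − t product shares determine the product secret. Raising t without raising n breaks the inequality n − t ≥ dt + 1 and the function returns False, which is the trade-off between privacy threshold and multiplicative reconstruction that the A(q) bounds in the abstract quantify asymptotically.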





Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Ignacio Cascudo: CWI Amsterdam, The Netherlands
  • Ronald Cramer: CWI Amsterdam and Mathematical Institute, Leiden University, The Netherlands
  • Chaoping Xing: Division of Mathematical Sciences, Nanyang Technological University, Singapore
