(Server-Aided) Two-Party Multiplication of Encrypted Shares Using (<i>k, n</i>) Threshold Secret Sharing With <i>N ≥ k</i> Servers
Ahmad Akmal Aminuddin Mohd Kamal, Keiichi Iwamura
Abstract
Two-party computation allows two clients to jointly compute an arbitrary function of their inputs without revealing these inputs to each other. In this study, we adopt a server-aided model, in which a set of computing servers performs computation using the inputs of two clients. In the (k, n) threshold secret sharing scheme, input s is divided into n shares and can be recovered from k shares, where k is a threshold. Typically, the multiplication of shares increases the polynomial's degree from (k-1) to (2k-2), thus increasing the number of shares required from k to 2k-1. Because each server typically holds only one share, the number of servers required also increases to 2k-1. Therefore, a set of n servers can compute multiplication securely only if the adversary corrupts at most k-1 <; n/2 servers. In this study, we differentiate N, which is the number of required servers, and n, which is the parameter of the (k, n) threshold secret sharing scheme. We propose a method of multiplication by using only N ≥ k servers. This is implemented by sending two shares of the same input to each server. In a “normal” method, sending multiple shares to one server violates security because k shares can be leaked from k-1 servers. We overcome this by implementing a different functionality, where each share is first encrypted with a different random number (encrypted share) before being sent to a server. Instead of the “normal shares” of ab, our protocol computes the encrypted shares of ab using the encrypted shares of a and b. We show that the proposed method is secure against a non-colluding semi-honest adversary. Moreover, we implement our method in MATLAB and show its efficiency.