Protecting Distributed Primitives Against Leakage: Equivocal Secret Sharing and More

Carmit Hazay, Muthuramakrishnan Venkitasubramaniam, Mor Weiss

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


Leakage-resilient cryptography aims to protect cryptographic primitives from so-called “side channel attacks” that exploit their physical implementation to learn their input or secret state. Starting from the works of Ishai, Sahai and Wagner (CRYPTO'03) and Micali and Reyzin (TCC'04), most works on leakage-resilient cryptography either focus on protecting general computations, such as circuits or multiparty computation protocols, or on specific non-interactive primitives such as storage, encryption and signatures. This work focuses on leakage-resilience for the middle ground, namely for distributed and interactive cryptographic primitives. Our main technical contribution is designing the first secret-sharing scheme that is equivocal, resists adaptive probing of a constant fraction of bits from each share, while incurring only a constant blowup in share size. Equivocation is a strong leakage-resilience guarantee, recently introduced by Hazay et al. (ITC'21). Our construction is obtained via a general compiler which we introduce, that transforms any secret-sharing scheme into an equivocal scheme against adaptive leakage. An attractive feature of our compiler is that it respects additive reconstruction, namely, if the original scheme has additive reconstruction, then the transformed scheme has linear reconstruction. We extend our compiler to a general paradigm for protecting distributed primitives against leakage, and show its applicability to various primitives, including secret sharing, verifiable secret sharing, function secret sharing, distributed encryption and signatures, and distributed zero-knowledge proofs. For each of these primitives, our paradigm transforms any construction of the primitive into a scheme that resists adaptive party corruptions, as well as adaptive probing leakage of a constant fraction of bits in each share when the share is stored in memory (but not when it is used in computations). Moreover, the transformation incurs only a constant blowup in the share size, and respects additive reconstruction - an important feature for several of these primitives, such as function secret sharing and distributed encryption.

Original languageEnglish
Title of host publication3rd Conference on Information-Theoretic Cryptography, ITC 2022
EditorsDana Dachman-Soled
PublisherSchloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
ISBN (Electronic)9783959772389
StatePublished - 1 Jul 2022
Event3rd Conference on Information-Theoretic Cryptography, ITC 2022 - Cambridge, United States
Duration: 5 Jul 20227 Jul 2022

Publication series

NameLeibniz International Proceedings in Informatics, LIPIcs
ISSN (Print)1868-8969


Conference3rd Conference on Information-Theoretic Cryptography, ITC 2022
Country/TerritoryUnited States

Bibliographical note

Publisher Copyright:
© Carmit Hazay, Muthuramakrishnan Venkitasubramaniam, and Mor Weiss; licensed under Creative Commons License CC-BY 4.0


  • Distributed Zero-Knowledge Proofs
  • Equivocal Secret Sharing
  • Function Secret Sharing
  • Leakage Resilience
  • Secret Sharing
  • Threshold Encryption
  • Verifiable Secret Sharing


Dive into the research topics of 'Protecting Distributed Primitives Against Leakage: Equivocal Secret Sharing and More'. Together they form a unique fingerprint.

Cite this