9

I am looking for references for post-quantum threshold secret sharing schemes.

I am especially interested in knowing whether any based on one-way compression functions or cryptographic hashes exist.

The trivial secret sharing systems with $t=1$ and $t=n$ give information-theoretic security.

Here are some other alternatives that I don't know the security of:

  • Shamir's secret sharing - I don't know [Update: gives information-theoretic security]
  • Blakley's scheme - I don't know
  • The Chinese Remainder Theorem - It seems like it is a problem a quantum computer would easily solve.
user239558

2 Answers

8

I am not quite sure why you are looking for the kind you have mentioned in your question.

But good old Shamir's polynomial secret sharing over finite fields, look here, provides information-theoretic secrecy, i.e., even a quantum computer will not help you to break the secrecy.

DrLecter
6

It would appear that (for example) Shamir's original threshold secret sharing scheme would meet the requirements of 'post-quantum' (that is, remain secure even if the attacker has access to a quantum computer).

Let us assume that the shares were generated using a truly random stream; in that case, someone with $N-1$ shares (where $N$ is the threshold) does not have enough information to derive any information about the secret, even if we assumed that the attacker had unbounded computational resources.

Giving him a Quantum computer does not change this; hence Shamir's scheme already meets your criteria.

poncho
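The argument above, worked as an added example (not code from the thread or its authors): a minimal Shamir scheme over GF(p), plus an exhaustive count showing that, for a tiny field, the t-1 shares an attacker might hold are distributed identically no matter which secret was shared, while t shares pin it down. The prime, threshold, evaluation points and secrets are constructed choices.

```python
import itertools
import secrets
from collections import Counter


def eval_poly(coeffs, x, p):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... over GF(p)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc


def split(secret, t, n, p, rng=None):
    """Shamir (t, n) sharing: random degree-(t-1) polynomial with f(0)=secret,
    shares are (x, f(x)) for x = 1..n. Coefficients must be uniform in GF(p)."""
    if not (1 <= t <= n < p) or not (0 <= secret < p):
        raise ValueError("bad parameters")
    rng = rng or (lambda: secrets.randbelow(p))
    coeffs = [secret] + [rng() for _ in range(t - 1)]
    return [(x, eval_poly(coeffs, x, p)) for x in range(1, n + 1)]


def reconstruct(shares, p):
    """Lagrange interpolation at x=0; needs t shares with distinct x."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        secret = (secret + yi * num * pow(den, -1, p)) % p
    return secret


def share_distribution(secret, t, p, xs):
    """Enumerate every polynomial with constant term `secret` and count how
    often each tuple of shares at the points xs occurs. If the multiset is the
    same for two different secrets, those shares reveal nothing about it."""
    counts = Counter()
    for tail in itertools.product(range(p), repeat=t - 1):
        coeffs = [secret] + list(tail)
        counts[tuple(eval_poly(coeffs, x, p) for x in xs)] += 1
    return counts


if __name__ == "__main__":
    # Constructed demo: p=17, t=3. Two shares: identical distribution for
    # secrets 3 and 11 (every pair exactly once). Three shares: disjoint.
    print(share_distribution(3, 3, 17, [1, 2]) == share_distribution(11, 3, 17, [1, 2]))
    print(share_distribution(3, 3, 17, [1, 2, 3]) == share_distribution(11, 3, 17, [1, 2, 3]))
```

The equality holds regardless of computing power, which is why the usual post-quantum question does not arise for the sharing itself; only the randomness source and the surrounding protocol can weaken it.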