有容錯性的可公開驗證的秘密分享與其在部分金鑰託管上的應用

Abstract

可公開驗證的秘密分享 (Publicly Verifiable Secret Sharing, PVSS) 是一種重要的密碼學元件，擁有著許多的應用。然而，在某些 PVSS 的協定中，無效份額的存在會阻止秘密重建的可行性，進而限制其在特定情境下的應用。為了解決這個限制，我們引入了有容錯性的可公開驗證秘密分享 (Fault-Tolerant Publicly Verifiable Secret Sharing, FT-PVSS) 的概念，目的在確保能在份額中有一部份無效時仍能有效進行秘密重建。我們的貢獻包含一個基於多項式承諾 (Polynomial Commitment) 與零知識證明系統 (zk-SNARK) 而成的 FT-PVSS 協定。此外，我們透過將 FT-PVSS 應用於一個新的部分金鑰託管 (Partial Key Escrow) 協定，展示了其實際效益。由此產生的解決方案繼承了容錯特性，使其在更容易發生錯誤的現實世界環境中更加穩健。

Publicly Verifiable Secret Sharing (PVSS) is an important cryptographic primitive with many applications. However, in some PVSS constructions, the presence of invalid shares can prevent the secret from being reconstructed, hindering its applicability in certain use cases. To overcome this limitation, we introduce the concept of Fault-Tolerant Publicly Verifiable Secret Sharing (FT-PVSS), designed to ensure that secret reconstruction can proceed efficiently, even if a subset of the shares are corrupted. Our contribution includes an FT-PVSS constructed by combining a Polynomial Commitment scheme with the capabilities of zk-SNARK proof systems. Furthermore, we demonstrate a practical benefit of FT-PVSS by applying it to a new Partial Key Escrow scheme. This resulting scheme inherits the fault-tolerant property, making it more robust in a real-world setting where errors are more likely to occur.