Combinatorial Repairability for Threshold Schemes
This addresses a specific security issue in threshold schemes for cryptography, offering incremental improvements in efficiency and security.
The paper tackles the problem of repairing lost or corrupted shares in a (k,n)-threshold scheme without dealer involvement, proposing two methods: one based on an existing enrollment protocol and another using combinatorial designs that trades larger shares for lower communication complexity.
In this paper, we consider methods whereby a subset of players in a $(k,n)$-threshold scheme can "repair" another player's share in the event that their share has been lost or corrupted. This will take place without the participation of the dealer who set up the scheme. The repairing protocol should not compromise the (unconditional) security of the threshold scheme, and it should be efficient, where efficiency is measured in terms of the amount of information exchanged during the repairing process. We study two approaches to repairing. The first method is based on the "enrollment protocol" from \cite{NSG} which was originally developed to add a new player to a threshold scheme (without the participation of the dealer) after the scheme was set up. The second method distributes "multiple shares" to each player, as defined by a suitable combinatorial design. This method results in larger shares, but lower communication complexity, as compared to the first method.