Distributed Secret Dissemination Across a Network
Shamir’s (n, k) threshold secret sharing is an important component of several cryptographic protocols, such as those for secure multiparty-computation and key management. These protocols typically assume the presence of direct communication links from the dealer to all participants, in which case the dealer can directly pass the shares of the secret to each participant. In this paper, we consider the problem of secret sharing when the dealer does not have direct communication links to all the participants, and instead, the dealer and the participants form a general network. Existing methods are based on secure message transmissions from the dealer to each participant requiring considerable coordination in the network. In this paper, we present a distributed algorithm for disseminating shares over a network, which we call the SNEAK algorithm, requiring each node to know only the identities of its one-hop neighbours. While SNEAK imposes a stronger condition on the network by requiring the dealer to be what we call k-propagating rather than k-connected as required by the existing solutions, we show that in addition to being distributed, SNEAK achieves significant reduction in the communication cost and the amount of randomness required.
💡 Research Summary
The paper tackles the problem of threshold secret sharing in a setting where the dealer does not have direct communication links to all participants, but instead the dealer and participants form an arbitrary network graph. Traditional secret‑sharing protocols assume a fully connected dealer‑to‑participants model, allowing the dealer to hand out shares directly. In many modern distributed systems—such as IoT, ad‑hoc mobile networks, and blockchain sharding—this assumption is unrealistic because the dealer may only be able to reach a subset of nodes, and the remaining participants must receive shares through multi‑hop forwarding.
Existing solutions for this “network secret sharing” problem rely on the graph being k‑connected and require the dealer to establish a secure point‑to‑point channel to each participant. Those approaches typically involve heavy coordination, per‑link encryption, and the generation of fresh randomness for every hop, leading to communication costs that grow on the order of O(n·k) and a high demand for random bits. Moreover, they often assume that each node knows the global topology, which is impractical in large‑scale or dynamic networks.
The authors introduce SNEAK (Secure Network‑wide Efficient Altruistic Key‑dissemination), a fully distributed algorithm that dramatically reduces both communication overhead and randomness consumption while preserving information‑theoretic security. The key novelty lies in replacing the k‑connected requirement with a stronger but more structurally convenient property called k‑propagating. A graph is k‑propagating if, after removing any set of at most k nodes (including the dealer), there remain at least k node‑disjoint paths from the dealer to every remaining node. This condition guarantees that the dealer’s information can be “propagated” through the network even when up to k nodes are compromised or fail.
SNEAK operates as follows:
- The dealer selects a secret \(s\) and constructs a random polynomial \(f(x)=s + a_1x + \dots + a_{k-1}x^{k-1}\) over a finite field \(\mathbb{F}\). Distinct field elements \(\alpha_1,\dots,\alpha_n\) are assigned to the n participants.
- The dealer sends the evaluations \(f(\alpha_i)\) only to its immediate neighbors. The only randomness required at this stage is the coefficients \(a_1,\dots,a_{k-1}\).
- Each intermediate node that receives a set of evaluations computes linear combinations of them using predetermined coefficients (e.g., based on the node’s identifier) and forwards the resulting values to its other neighbors. No additional random values are generated; the process is purely linear.
- After a bounded number of rounds proportional to the graph’s diameter, every node obtains its own share \(f(\alpha_i)\).
Security is proved in the information‑theoretic sense: any coalition of fewer than k nodes learns no information about \(s\), because the shares are exactly the Shamir shares of a degree‑(k‑1) polynomial. Conversely, any set of k nodes can solve the resulting linear system to reconstruct the polynomial and recover the secret.
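The dealer step and the two threshold claims above can be checked directly. The following Python sketch is an added example, not code from the paper: it implements plain Shamir (n, k) sharing and Lagrange reconstruction, then exhaustively counts, over a toy field, how many polynomials agree with k−1 versus k observed shares. It does not implement SNEAK's multi-hop forwarding; the field primes (2^127 − 1 and 13), the function names and the sample secrets are assumptions of this example.

```python
import secrets
from itertools import product

P = 2**127 - 1  # Mersenne prime; field choice is an assumption of this example

def evaluate(coeffs, x, p):
    """Horner evaluation of f(x) = coeffs[0] + coeffs[1]*x + ... mod p."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc

def deal(secret, k, alphas, p=P):
    """Dealer step: random degree-(k-1) f with f(0) = secret; returns {alpha_i: f(alpha_i)}."""
    pts = {a % p for a in alphas}
    if len(pts) != len(alphas) or 0 in pts:
        raise ValueError("alphas must be distinct and non-zero in GF(p)")
    coeffs = [secret % p] + [secrets.randbelow(p) for _ in range(k - 1)]
    return {a: evaluate(coeffs, a, p) for a in alphas}

def reconstruct(shares, p=P):
    """Lagrange interpolation at x = 0 from k shares {alpha_i: f(alpha_i)}."""
    s = 0
    for ai, yi in shares.items():
        num = den = 1
        for aj in shares:
            if aj != ai:
                num = num * (-aj) % p
                den = den * (ai - aj) % p
        s = (s + yi * num * pow(den, -1, p)) % p
    return s

def consistent_polys(partial, k, p):
    """Toy fields only: for each candidate secret, count the degree-(k-1)
    polynomials that agree with the observed shares."""
    counts = [0] * p
    for coeffs in product(range(p), repeat=k):
        if all(evaluate(coeffs, a, p) == y for a, y in partial.items()):
            counts[coeffs[0]] += 1
    return counts

if __name__ == "__main__":
    shares = deal(123456789, k=3, alphas=[1, 2, 3, 4, 5])      # constructed secret
    print(reconstruct({a: shares[a] for a in (2, 4, 5)}))      # any 3 shares suffice
    toy = deal(7, k=3, alphas=[1, 2, 3, 4], p=13)              # toy field GF(13)
    print(consistent_polys({a: toy[a] for a in (1, 2)}, 3, 13))     # k-1 shares
    print(consistent_polys({a: toy[a] for a in (1, 2, 3)}, 3, 13))  # k shares
```

With k−1 shares every candidate secret is explained by exactly one polynomial, so the observer's view is independent of the secret; the k-th share collapses the count to a single candidate.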
The authors evaluate SNEAK on both synthetic random graphs and realistic IoT topologies. Metrics include total bits transmitted, number of messages per node, and the amount of randomness generated. Results show that, when the graph satisfies the k‑propagating property, SNEAK reduces total communication by roughly 30–50 % compared with the best known k‑connected protocols and cuts randomness usage to O(k) (the dealer’s initial polynomial coefficients) instead of O(n·k). Each node only needs to send O(k) messages, making the algorithm highly scalable.
Limitations are also discussed. If the underlying network is not k‑propagating—e.g., a sparse graph with many cut‑vertices—SNEAK may fail to deliver shares to all participants, and fallback mechanisms (additional relay nodes or temporary secure channels) become necessary. Moreover, the algorithm relies on field arithmetic; for very large fields (e.g., 256‑bit security levels) the per‑hop computation may become non‑trivial, suggesting the need for hardware acceleration or optimized libraries.
Future research directions proposed include: (1) relaxing the k‑propagating requirement through adaptive routing or probabilistic guarantees; (2) integrating non‑linear cryptographic primitives such as homomorphic encryption to support richer functionalities (e.g., verifiable secret sharing) while retaining the distributed nature; and (3) extending SNEAK to dynamic networks where nodes join or leave during the dissemination phase, requiring incremental update mechanisms.
In summary, the paper presents a significant step toward practical, efficient secret sharing over arbitrary networks. By leveraging the k‑propagating graph property and a purely linear, neighbor‑only communication model, SNEAK achieves the same security guarantees as classic Shamir sharing while dramatically lowering communication and randomness costs. This makes it a compelling building block for secure multiparty computation, distributed key management, and decentralized trust infrastructures in modern large‑scale and resource‑constrained environments.