This work investigates the design of sparse secret sharing schemes that encode a sparse private matrix into sparse shares. This investigation is motivated by distributed computing, where the multiplication of sparse and private matrices is moved from a computationally weak main node to untrusted worker machines. Classical secret-sharing schemes produce dense shares. However, sparsity can help speed up the computation. We show that, for matrices with i.i.d. entries, sparsity in the shares comes at a fundamental cost of weaker privacy. We derive a fundamental tradeoff between sparsity and privacy and construct optimal sparse secret sharing schemes that produce shares that leak the minimum amount of information for a desired sparsity of the shares. We apply our schemes to distributed sparse and private matrix multiplication schemes with no colluding workers while tolerating stragglers. For the setting of two non-communicating clusters of workers, we design a sparse one-time pad so that no private information is leaked to a cluster of untrusted and colluding workers, and the shares with bounded but non-zero leakage are assigned to a cluster of partially trusted workers. We conclude by discussing the necessity of using permutations for matrices with correlated entries.

中文翻译：

---

秘密共享中的稀疏性和隐私：基本的权衡

这项工作研究了稀疏秘密共享方案的设计，该方案将稀疏私有矩阵编码为稀疏共享。这项研究是由分布式计算推动的，其中稀疏矩阵和私有矩阵的乘法从计算能力较弱的主节点转移到不受信任的工作机器。经典的秘密共享方案产生密集的共享。然而，稀疏性可以帮助加快计算速度。我们表明，对于具有独立同分布条目的矩阵，份额的稀疏性是以隐私性较弱为基本代价的。我们得出稀疏性和隐私之间的基本权衡，并构建最佳的稀疏秘密共享方案，该方案产生的共享会泄漏最少的信息量，从而实现所需的共享稀疏性。我们将我们的方案应用于分布式稀疏和私有矩阵乘法方案，没有共谋的工人，同时容忍落后者。对于两个不通信的工作集群的设置，我们设计了一种稀疏的一次性密码本，这样就不会将私人信息泄露给一组不受信任和共谋的工作人员，并且将有界但非零泄漏的共享分配给一个部分信任的工作人员集群。最后，我们讨论了对具有相关条目的矩阵使用排列的必要性。