← News
Tech for Good Tech for Good Frontiers

The Secret Is in the Network: How Math Reveals the Optimal Way to Hide Information Across Connected Systems

The Secret Is in the Network: How Math Reveals the Optimal Way to Hide Information Across Connected Systems
Survivability And Security Framework balances two requirements
No Global Network Knowledge Needed Method uses local information only
Minimal Information-Carrying Subgraphs (MICS) Key concept introduced
Effective Spin Hamiltonian Mathematical mapping found

When a Network Betrays You

Imagine you've divided your most sensitive secret into a thousand pieces and scattered them across a thousand different computers. The encryption is unbreakable. Each fragment alone is useless. By every conventional measure, your information is safe.

Now imagine a hurricane takes out half the network. Or a coordinated ransomware attack disables most of the machines. Can you still recover your secret?

This isn't a hypothetical. It's the fundamental tension at the heart of distributed storage — and it's one that most security discussions completely ignore. They focus on encryption strength, key management, authentication protocols. They treat the network as a neutral pipe. But where you place those fragments matters as much as how you encrypt them.

Vinko Zlatić, a researcher at the Ruđer Bošković Institute in Zagreb, has spent years thinking about this problem. His new paper, "Robust secret storage in networks," doesn't just identify this gap — it builds an entire mathematical framework for thinking about it rigorously. He introduces a single quantity he calls the robustness functional — a single number that captures the twin goals of keeping your data alive through network disasters while keeping it locked away from adversaries. And he shows something remarkable: you don't need to know everything about your network to place information optimally. Local knowledge can be nearly as good.

This isn't abstract mathematics. Zlatić has in mind systems that work like BitTorrent but for secure data — trusted distributed storage where no single computer holds everything, reducing both the risk of catastrophic loss and the storage burden on any individual machine. The mathematics he develops is the first step toward building them properly.

The Core Contradiction

Before diving into Zlatić's solution, it's worth sitting with the problem he starts from. It's almost a philosophical paradox.

On one side: you want your secret to survive. The best way to ensure this, in purely probabilistic terms, is to copy everything everywhere. If every vertex in your network holds the complete secret, then the secret survives as long as even one machine survives. The math is straightforward: for a network of size |Γ|, survivability becomes 1 - p^|Γ|, where p is the probability that any given vertex fails. As long as p is less than 1 — which it always is — this approaches 1 as the network grows.

On the other side: you want your secret to resist hacking. And the best way to make it hard to steal is the opposite strategy — spread pieces so thinly that an attacker would need to compromise nearly every machine to reassemble anything. Here the hackability, which measures the probability that a random attack collects the full secret, becomes 1 - (1-q)^|Γ|, where q is the probability any given vertex is compromised. To minimize this, you want (1-q)^|Γ| to be large — which means spreading the secret so thin that compromising any one machine gets the attacker almost nothing.

These two goals are in direct conflict. Maximize one and you minimize the other. The obvious solution — copy everywhere — makes theft trivial. The security-obsessed solution — fragment everything — makes recovery nearly impossible when the network degrades.

Zlatić's insight is that this tradeoff has structure. It's not random chaos where you simply pick a compromise point and hope. The underlying network topology creates specific, quantifiable constraints. And by understanding those constraints mathematically, you can find placements that are genuinely optimal — not just vaguely balanced.

A Network of Vertices and Symbols

The formal setup works like this. You have a network, which Zlatić denotes Γ, represented by its adjacency matrix — essentially a map of which vertices connect to which. You have information X that can be divided into N separate symbols or pieces, written as X = {X₁, X₂, ..., Xₙ}. The key property is that the information is completely useless unless all N pieces are obtained together.

Your task is to assign each symbol to some subset of vertices. The assignment is called a configuration χ. A vertex might hold one symbol, multiple symbols, or — in the simplest case — be assigned a particular combination. The configuration maps vertices to collections of symbols.

Once the information is placed, two independent processes can unfold. First, there's network failure: each vertex independently survives with probability p̄ = 1-p and fails with probability p. A hurricane, a blackout, a cascading hardware failure — whatever the mechanism, vertices disappear. Second, there's adversarial hacking: each vertex is independently compromised with probability q, giving the attacker whatever information that vertex held.

The goal is to find a configuration χ that maximizes survivability while minimizing hackability. But here's where it gets interesting: the network topology shapes both probabilities simultaneously.

Consider two configurations on the same network. In one, the symbols are clustered on adjacent vertices — if those vertices are close together in the network, they might all fail together, or an attacker who compromises one might be statistically more likely to compromise its neighbors. In the other configuration, the symbols are spread across the network's most robust components, placed on vertices that serve as bridges between otherwise disconnected regions. The underlying network creates correlations between survival and compromise events — and those correlations matter enormously.

Three Quantities That Capture Everything

Zlatić reduces this sprawling problem to three mathematical quantities. Once you understand these, the rest of the paper opens up.

The first is survivability, denoted S(p, χ). This is simply the probability that after vertices fail according to p, there remains at least one connected subgraph — one cluster of surviving vertices — that contains the complete set of symbols. Notice the qualifier: a single connected subgraph. If your symbols are scattered across multiple disconnected surviving clusters, the information is lost. Connectivity matters. A network that fragments under failure cannot preserve distributed information even if every individual piece survives somewhere.

The second is hackability, denoted H(q, χ). This is the probability that after vertices are compromised according to q, the union of all hacked vertices contains the complete information. Here connectivity doesn't matter — if the attacker gets pieces from disconnected regions, they can reassemble them centrally. The adversarial process doesn't care about topology the way survival does.

The third quantity, which unifies the first two, is the robustness functional:

The parameter α captures something important: what's the relative likelihood that the network will face a failure event versus an attack event? If α is high, failures dominate your concerns. If α is low, attacks are the primary threat. The functional is essentially a weighted average of survivability (multiplied by α) and the complement of hackability (multiplied by 1-α).

In his framework, Zlatić derives this as a conditional probability — the probability that information has survived and was not hacked, given the parameters and the configuration. It's a single number that summarizes how well a particular placement balances the two competing goals.

The Geometry of Survival: MICS

The most technically innovative part of Zlatić's paper is his treatment of survivability. Computing it exactly — enumerating all possible failure scenarios, checking which ones preserve the complete information — is computationally intractable for any reasonably large network. The number of possible failure outcomes grows exponentially with network size. Even for a moderately sized network, it's hopeless.

Zlatić's key move is to notice that most of those computations are redundant. Not all subgraphs matter — only those that could possibly contain the complete information. He introduces the concept of minimal information-carrying subgraphs, or MICS.

A MICS is a connected subgraph that contains all N symbols, but has no proper sub-subgraph that also contains all N symbols. It's the smallest possible subgraph that still preserves the information. Think of it as a minimal viable cluster.

The crucial insight is that survivability can be rewritten entirely in terms of MICS. Zlatić shows that the survivability functional takes the form of a polynomial in p̄:

where the coefficients a_r depend on the configuration and the network's MICS structure. This is a classic inclusion-exclusion expansion. Rather than checking every possible subgraph outcome, you sum over the minimal information-carrying ones. The polynomial captures all the relevant correlations between vertex failures.

Zlatić provides a worked example using a simple 10-vertex network with 4 symbols (a, b, c, d). The original network has 14 possible MICS configurations. In one configuration, two MICS of size 2 exist: vertices {2,6} and {6,8}. Three MICS of size 3 exist: {1,2,3}, {2,3,4}, {5,6,9}, and {6,7,9}. For this specific configuration, the survivability takes the compact form:

The alternating signs reflect the inclusion-exclusion structure: you're adding contributions from small MICS, subtracting overlaps between them, adding back corrections for triple overlaps, and so on. What looks like a messy polynomial is actually a precise accounting of all the ways information could survive through different failure configurations.

This representation is exact. But more importantly, it reveals structure that enables approximation.

Semi-Local Computation: The Approximation That Changes Everything

The exact MICS representation is still intractable for large networks. You need to enumerate all minimal information-carrying subgraphs, which grows combinatorially. But Zlatić shows that you can approximate survivability without doing this global enumeration — using only local neighborhood information.

The intuition comes from network resilience research. When vertices fail randomly, the size of surviving components typically decays exponentially with the failure probability. Most surviving clusters are small. This means you can truncate the polynomial — only consider MICS up to some maximum size M — and the error will be small, bounded by:

for locally tree-like graphs with average degree z. The bound decays exponentially in M. Choose M large enough to capture the relevant neighborhood radius, and the approximation becomes essentially perfect for practical purposes.

Zlatić develops two approximation levels. The first, S_{R1}, uses a product form over vertices:

where P_v^{(R)} is the probability that the radius-R neighborhood around vertex v contains the complete information. This is computationally cheap — you only need to examine each vertex's local neighborhood — but it's relatively loose.

The second, S_{R2}, uses a more refined inclusion-exclusion formula that better captures overlaps between local neighborhoods:

This is a sum over subsets of vertices, but each term depends only on local MICS rooted in those vertices. The radius R determines the size of neighborhoods you consider, which in turn determines the approximation quality.

Zlatić tests both approximations against exact calculations on small networks. The results are striking. For networks with 8 to 16 vertices where exact computation is feasible, S_{R2} consistently outperforms S_{R1}. But more importantly, when Zlatić scales up to networks of 20 vertices — where exact computation becomes impractical but the semi-local approximation remains tractable — the agreement between the approximate functional and the true functional remains excellent across all tested values of α, p, and q.

This is the practical heart of the paper: optimization doesn't require global knowledge. A vertex deciding where to place a symbol doesn't need a map of the entire network. It only needs to know what's happening in its neighborhood — within some radius determined by the maximum MICS size you care about. Multiple vertices can run local optimization algorithms — simulated annealing, message passing, anything — using only local information, and the global configuration that emerges will be approximately optimal.

This makes the framework actually deployable in real systems.

The Hackability Side

Zlatić develops parallel machinery for hackability. The exact hackability takes the form:

Here $\mathcal{N}(X_i)$ is the set of vertices containing symbol X_i, and the notation $\mathcal{N}(X_i) \circ \mathcal{N}(X_j)$ represents the overlap between symbol neighborhoods. The inclusion-exclusion structure mirrors the survivability polynomial, but now captures the combinatorial risk of an attacker collecting complete information across multiple compromised vertices.

The approximation for hackability uses Bonferroni bounds — standard probability inequalities that bound the error from truncating the inclusion-exclusion series. The error bound B_{2m-1} - B_{2m} / 2 provides a reliable estimate of approximation quality.

Combined with the survivability approximation, the full robustness functional can be optimized using only local neighborhood information. The semi-local functional F_R tracks the true functional F within predictable error bounds.

A Spin Glass in Disguise

One of the most elegant results in the paper is the connection to spin systems — a bridge between information security and statistical physics.

When the information splits into just two symbols, the system simplifies dramatically. Any MICS that contributes to the functional is either a single vertex holding both symbols, or an edge connecting two vertices holding one symbol each. In this limit, Zlatić shows that the robustness functional can be rewritten as:

where n_{X_1 X_2} counts vertices with both symbols and l_{X_1 X_2} counts edges connecting vertices with different symbols.

For small p̄ and q — meaning high failure or high compromise rates — this can be approximated as an energy function:

with h = αp̄ - (1-α)q and J = αp̄².

This is a spin Hamiltonian. The quantity h acts like an external field favoring or disfavoring vertices that hold both symbols. The term J acts like an interaction between vertices — an anti-ferromagnetic coupling that penalizes configurations where single-symbol vertices are adjacent.

Zlatić analyzes the ground state of this effective spin system on a 1D chain. The solution reveals an interesting phase structure: one side of the chain develops a finite cluster of double-symbol vertices, while the rest alternates single-symbol states. This is the optimal arrangement for this limiting case — a pattern that emerges naturally from the robustness optimization.

The spin-glass connection is more than a mathematical curiosity. It opens the door to the entire toolkit of statistical physics — domain wall methods, replica theory, message-passing algorithms — for analyzing and optimizing secret storage configurations.

What the Numbers Say

Zlatić's tests on synthetic networks reveal how well the approximations work in practice. He compares exact robustness functional values against the semi-local approximations on Erdős-Rényi random graphs — the standard null model for random networks.

The absolute and relative errors are consistently small. For the R2 approximation with radius R=1 (meaning each vertex only knows about its immediate neighbors), the mean absolute error across all tested configurations never exceeds a few percentage points. The mean relative error tracks closely, staying below 5% in most regimes. This holds across different values of p (0.2, 0.4, 0.6), q (0.05, 0.1, 0.2), and α (0.2, 0.5, 0.8).

The R1 approximation performs worse but still usable — its mean absolute error runs about twice as high as R2 in comparable conditions. For applications where exact answers aren't critical, R1 might be sufficient. For security-critical systems, R2 is worth the extra computation.

Zlatić also tests larger networks where exact computation is impossible but the semi-local approximation remains tractable. For N=20 vertices with average degree z=4 and 33 symbols, he compares the approximate functional against a heuristic optimization (max-sum message passing) that produces near-optimal candidate configurations. The relative difference between the optimized approximate functional and the heuristic's approximate functional stays below 10% across all tested parameter regimes. This is strong evidence that the semi-local approximation captures the essential structure of the optimization landscape.

The key insight is that the approximation quality depends more on the network structure than the parameter choices. Locally tree-like networks with moderate average degree show the best agreement. Networks with high clustering or heavy-tailed degree distributions may require larger radius R for comparable accuracy.

Approximation accuracy by α (network failure vs attack weighting)

Comparison of relative approximation errors across different values of α (failure vs attack likelihood ratio) for ER networks with N=20 and z=4. Lower values indicate better approximation accuracy.

Approximation accuracy by α (network failure vs attack weighting)
LabelValue
α=0.20.025 relative error
α=0.40.022 relative error
α=0.60.018 relative error
α=0.80.015 relative error

The chart above shows the error structure across different parameter combinations. Each point represents a different network instance, symbol configuration, and parameter triple (p, q, α). The scatter is relatively tight — the approximation doesn't systematically over- or under-estimate across the parameter range. This means you can use the approximation reliably for optimization even without knowing the exact functional.

The Distributed Torrent

Zlatić is explicit about his motivation: trusted distributed storage systems modeled on BitTorrent, where information is fragmented and stored across many participants' machines. The benefits are twofold. First, security: no single compromised machine leaks anything meaningful. Second, efficiency: no single machine bears the full storage burden for any piece of data.

This vision isn't science fiction. It maps onto real systems being developed for decentralized storage — IPFS, Filecoin, Sia, Storj, and others. These systems fragment files, distribute them across networks of storage providers, and reassemble them on retrieval. They face exactly the problems Zlatić's framework addresses: how to place fragments to survive node failures while resisting adversarial compromise.

The difference is that current decentralized storage systems make placement decisions based on simple heuristics — random placement, proximity-based placement, economic incentive alignment. They don't optimize for the tradeoff between survivability and hackability in a rigorous way. Zlatić's framework provides the mathematical language for doing so.

But the applications extend beyond storage. He mentions critical infrastructure networks, where components depend on each other for essential functions. Microbial consortia, where different species exchange metabolites and the network structure determines community stability. Functional biodiversity, where ecosystems maintain resilience through distributed redundancy. Healthcare service networks, where patient care depends on distributed access to medical records and expertise.

In each case, the same mathematical structure appears: distributed components holding partial information, requiring collective recovery after degradation events, while resisting adversarial targeting. Zlatić's framework applies directly.

The Local Advantage

The most practically significant result in the paper is the semi-local optimization property. Most network optimization problems require centralized computation: you need global knowledge of the network topology, then you solve for the optimal configuration, then you distribute the solution back to the network. This is expensive, fragile, and requires trust in a central authority.

Zlatić's semi-local methods break this requirement. The configuration can be optimized using only local neighborhood information. Each vertex runs an optimization routine using only what it knows about its nearby peers. The global optimum emerges from local interactions.

This has immediate implications for privacy. A central planner calculating optimal placement learns the complete structure of who's storing what. In Zlatić's framework, no single entity needs to know the full picture. Information about local topology and symbol neighborhoods is sufficient. You could implement this in a distributed system where nodes negotiate local configurations without ever sharing their global knowledge.

It also has implications for scalability. A centralized optimizer becomes computationally intractable as networks grow. A distributed optimizer using local information scales naturally — each node's computation is bounded by its neighborhood size, independent of total network size.

And it has implications for robustness. A centralized system has a single point of failure: the optimizer itself. A distributed system using local information degrades gracefully — nodes can continue optimizing based on their local views even as parts of the network become unreachable.

Open Questions

Zlatić is careful to acknowledge the framework's limitations. The most important is scalability with symbol set size. When the number of distinct symbols N grows large, the MICS enumeration and polynomial coefficients blow up combinatorially. The current methods work well for N up to perhaps a few dozen symbols. Systems with hundreds or thousands of distinct data elements — like a large file fragmented into many pieces — would require different techniques.

The framework also assumes that failure and hacking probabilities (p and q) are uniform and independent across vertices. Real networks have correlations: adjacent vertices might be more likely to fail together (if they share a power supply), or more likely to be hacked together (if they share administrative credentials). The framework can be extended to handle these correlations, but the math becomes more complex.

The current model requires all N symbols to be present for reconstruction — the classic secret sharing threshold. Shamir's classic scheme and similar protocols allow reconstruction from any m of N shares. Zlatić notes that extending the framework to this threshold case is "of additional practical interest" but beyond the current scope. This is probably the most important direction for future work, since most real secret-sharing schemes use thresholds rather than requiring all shares.

There's also the question of adversarial network structure. Zlatić assumes the network topology is fixed and known when placing information. What if an adversary can choose which vertices to compromise, or can observe the placement and adapt their strategy? The current framework treats p and q as exogenous probabilities — natural processes not under strategic control. Game-theoretic extensions would need to model adversarial placement or adaptive attacks.

Finally, the spin-system connection deserves more exploration. Zlatić shows the two-symbol case maps exactly to a spin Hamiltonian, but the general N-symbol case likely connects to more complex spin-glass models. Understanding this connection could unlock new optimization methods from the statistical physics literature.

The Deeper Pattern

What Zlatić's paper ultimately reveals is a deep structural connection between two things that don't immediately seem related: information security and network resilience.

Network resilience researchers have spent decades understanding how networks respond to failure and attack — percolation, cascading failures, robustness measures, fragile versus resilient topologies. Their tools are mathematical: generating functions, message passing, spin models, statistical physics.

Information security researchers have developed their own mathematical toolkit: encryption schemes, secret sharing, threshold cryptography, Byzantine fault tolerance.

Zlatić sits at the intersection. His robustness functional borrows from both traditions. The survivability term uses the intuition that networks fragment under failure — the inclusion-exclusion structure comes straight from percolation theory. The hackability term uses the intuition that attackers probe vertices independently — the probabilistic structure comes from cryptographic threshold schemes.

The result is a unified framework where network topology and information placement jointly determine security outcomes. This isn't just theoretically satisfying — it has practical consequences.

Consider a distributed storage network planning to fragment sensitive data across participants. Under current approaches, they'll probably think about redundancy levels, encryption strength, and access controls. Under Zlatić's framework, they'd also ask: what's the network topology between our storage nodes? How does that topology create correlations in failure and compromise? Where should we place fragments to balance survival and security given that topology?

These aren't questions anyone is currently asking in a systematic way. Zlatić gives us the language to ask them properly.

Looking Forward

The paper appeared in June 2026 as a preprint on arXiv. It hasn't yet been peer-reviewed or published in a journal, though the mathematical derivations appear careful and the results are internally consistent. The next steps would be empirical validation — implementing the framework in a real distributed storage system and measuring actual survivability and hackability under simulated failures and attacks.

If the framework holds up under empirical testing, it would represent a genuine advance in how we design distributed secure systems. Instead of treating the network as a neutral substrate, we'd have tools for treating it as an active design variable.

The connection to spin systems is particularly promising. Statistical physicists have spent decades developing methods for optimizing complex systems — simulated annealing, replica exchange, belief propagation, survey propagation. Many of these methods were invented for spin glasses but have found applications in error-correcting codes, combinatorial optimization, machine learning. Zlatić's mapping suggests these methods could now be applied to distributed information security.

The semi-local optimization property might be the most immediately useful. Systems that can achieve near-optimal placement without centralized computation would be inherently more private, scalable, and robust than systems requiring centralized planning. This could influence how next-generation distributed storage networks are architected.

Zlatić's paper won't immediately change how anyone stores data. The mathematics is too new, the practical implementations too undeveloped. But it opens a door. It suggests that the tradeoff between survivability and hackability, which has seemed like a vague design judgment call, actually has structure — mathematical structure that can be explored, optimized, and exploited.

That's not a small thing. In information security, where most decisions are made through experience, intuition, and guesswork, rigorous structure is valuable. It lets you prove things. It lets you compute tradeoffs instead of estimating them. It lets you design systems with known properties instead of hoping they'll work.

The secret is in the network — and now we have a way to find it.


Key Takeaways:

  • The problem: Distributed information storage faces an inherent tradeoff between survivability (recovering data after network failures) and hackability (preventing adversaries from collecting enough pieces to reconstruct secrets). The intuitive solutions — copy everywhere or fragment everywhere — maximize one at the expense of the other.

  • The framework: Zlatić's robustness functional unifies both goals in a single mathematical quantity, parameterized by failure probability p, hack probability q, and the relative likelihood α of failure versus attack events. The functional captures how network topology shapes both survivability and hackability simultaneously.

  • The key innovation: Minimal information-carrying subgraphs (MICS) provide an exact representation of survivability as a polynomial in the survival probability. This reveals structure that enables approximation.

  • The practical result: Semi-local optimization — using only information about local neighborhoods, not the entire network — achieves near-optimal robustness. This makes the framework deployable in real distributed systems without centralized planning or global knowledge.

  • The deeper connection: For two-symbol information, the robustness functional maps exactly to a spin Hamiltonian with external field and interaction terms. This connects distributed information security to the entire toolkit of statistical physics.