d-乗法秘密分散(Multiplicative Secret Sharing，以下MSS) とは，Barkol-Ishai-Weinreb (Journal of Cryptology，2010) が提案した秘密分散であり，情報理論的に安全な秘密分散の性質に加え各プレーヤが任意のd 個の秘密のシェアからそれらの乗算結果の加法的シェアを直接計算できる．著者らはこれまでに，乗算結果の正しさを検証可能な乗法秘密分散(Verifiably MSS，以下d-VMSS) を導入し，d-VMSS が存在するための必要十分条件を示し，効率的な構成法を示した(IEEE Transactions on Information Theory, 2019)．d-VMSS とはd-MSS の性質に加え乗算結果の正しさを示す証明の加法的シェアも計算でき，従来法では証明が有限体の要素二つであった．本稿では，証明を有限体の要素一つに最小化する構成法を提案する．そのために，MSS およびVMSS における復元が加法であることに着目し，乗法に限定して準同型な関数(multiplicative-only homomorphic function, 以下MHF) を導入し，証明の構成に利用した．さらに，任意の有限体で利用でき，検証効率が良く，かつ実装が容易なMHF の具体例も示す．

A d-multiplicative secret sharing (d-MSS) scheme [Barkol-Ishai-Weinreb, Journal of Cryptology,2010] allows the players to multiply d shared secrets without recovering the secrets by converting their shares locally into an additive sharing of the product. We have introduced the notion of verifiably multiplicative SS, VMSS for short, proved a necessary and sufficient condition for VMSS to exist, and presented an efficient construction [IEEE Transactions on Information Theory, 2019]. In the previous construction, the overhead of verifiability, called a proof, is two field elements. This paper presents a more efficient construction of VMSS with a smaller proof size and a smaller share size than the previous schemes. Our main technical contribution is to formalize multiplicative-only homomorphic functions (MHFs) and use an MHF for generating a proof. In addition, we present a concrete instance of MHF that can be used for any finite field with highly efficient verification and easy implementation. Our technique also works for multi-party computation to guarantee robustness and improve efficiency.