Where can I learn about proven methods for sharing cryptographic keys?

一个人想着一个人 submitted on 2019-11-30 12:54:56

I have always been fascinated by this secret sharing technique. I've seen code implementing it on the internet, but have never seen actual applications. Shamir's secret sharing: the Wikipedia article links to some actual code, as well as the original academic article.

What you describe sounds a lot like "secret splitting" (Section 12.1, Introduction to Cryptography, Trappe & Washington, 2nd ed.). The basic idea is you can come up with a polynomial that includes your "secret" (a key) as a point on the line. You can give out "shares" by picking other points on this polynomial. Two points define a line of the form f(x) = ax + b, three points define a polynomial of the form f(x) = ax^2 + bx + c, and four points define something of the form f(x) = ax^3 + bx^2 + cx + d, and so on. You can choose a polynomial that includes your secret as a point, and a degree for the polynomial sufficient so that any N people can reconstruct it.

This is the basic idea that is known as the "Shamir threshold scheme."

See Wikipedia on Secret Splitting and Shamir's Secret Sharing. The Wikipedia page has some links to implementations of this idea, including GPL'd code for Windows and UNIX.

This is easy to implement with error-correcting codes. You could use a command-line tool such as par2 (which is not exactly appropriate for this specific purpose btw, as it generates recovery blocks of varying size). Let's say you have (n+m) voters, and want a quorum of n votes. You generate n private keys K₁, K₂, ... Kn, and generate m additional ECC blocks Pₓ of the same size. That way any n blocks suffice to reconstitute the cipher K₁∘K₂∘...∘Kn.

Go here for a discussion of the mathematical basis to Shamir's secret sharing and a brief discussion of the type of practical applications that it has. Scroll down the page to the lecture notes on Polynomials and Secret Sharing. It's probably a v. basic overview of the area, but should be quite interesting for you: Discrete Mathematics Notes

Lotus Notes provides a practical implementation of 'Silo passwords' whereby access to some resource (data/info/document) is locked to a 'shared-id'. The ID (part of a certified PKI system, I think based on RSA) is set up with 2 or more (I think up to 16) individual user passwords. The certifier/administrator sets up a scheme whereby any number of passwords from those available or all passwords are necessary to 'open' the ID for active use. This process is commonly used to lock down Org or OU certificates to 2 of 5 or 3 of 5 administrators/corporate officers grant access and so ensure that high-level certificate usage/access can be controlled and absentee admin personnel are avoided.
