
Public-key secret sharing



Has anyone combined polynomial secret sharing with public-key
cryptography to create a public-key secret sharing system?

For example, encrypt a file with a session key, SK. Use secret
sharing to split SK into n parts, with m required for decryption.
Encrypt each of the n parts with a different person's public key.
Publish the encrypted file and public-key encrypted pieces of the
key. To decrypt, m of the trustees use their secret keys to recover
their shares of SK, combine them, and retrieve SK to decrypt the
file. This has the advantage of requiring only one copy of the
file, and requiring no pre-arrangement with the trustees. Is there
a better way to do this (especially so the size of the file does not
grow linearly with the number of trustees)?

When is PGP 3.0 with the toolkit coming out? This should make it
easy to implement these things, along with digicash and other
projects. The MPI library and conventional crypto are fairly
accessible, but the code which creates PGP-format packets is not
easy to call from another program.

--- [email protected]