Re: Multikey crypto

[smb@research.att.com]

	 Since I am relatively new to the field of encryption forgive
	 me if this is a FAQ.

	 Has anyone ever done anything with an encryption scheme that
	 allows multiple unlocking keys? What I'm thinking about is a
	 way to encrypt some data and then create multiple keys that
	 will decrypt the data. I want to be able to encrypt a document
	 and then give multiple people access to the document and be
	 able to lock out a key and/or generate new keys without having
	 to redistribute keys to everybody that already

	 has one. I realize that this makes it easier to attack the
	 encrypted information since there are multiple keys to unlock
	 the data but I don't consider this a big problem. If someone
	 wants to throw heavy duty horsepower at the problem they will
	 crack it eventually anyway.

There are a number of ways to do that.  The best overview can be
found in

@incollection{Simmons92,
        author = {Gustavus J. Simmons},
        title = {An Introduction to Shared Secret and/or Shared Control Schemes and Their Application},
        booktitle = {Contemporary Cryptology:  The Science of Information Integrity},
        year = 1992,
        pages = {441--497},
	editor = {Gustavus J. Simmons},
	publisher = {{IEEE} Press}
}

The best-known scheme is described in

@article{sharesecret,
   author = {Adi Shamir},
   journal = {Communications of the ACM},
   number = {11},
   pages = {612--613},
   title = {How to Share a Secret},
   volume = {22},
   year = {1979}
}

but also see

@article{sealing,
   author = {David K. Gifford},
   journal = {Communications of the ACM},
   number = {4},
   pages = {274--286},
   title = {Cryptographic Sealing for Information Secrecy and Authentication},
   volume = {25},
   year = {1982}
}