17 Dec
2003
17 Dec
'03
11:17 p.m.
I know that there is a way to have a key, K, divided into n parts such that any i of them are needed to recunstruct K. The property holds that no i-1 parts are sufficient, and ANY i parts will do. How does this work exactly? Is it really the case that no i-1 parts give information? Is there a way to cheat?
With a key K of size j (goddamn fortran anyway), i parties can share the secret with a threshold of i (requiring all i parties key part) by generating i parts P such that K = Pi XOR Pi-1 XOR ... P1. All the parts P are the same size as K, which keeps the effort of guessing a missing part equal to j, or the size of the key k itself. Such a scheme is not ideal for keys K that have a deterministic characteristic.