Thread: Using an "N out of M keys" system

user name
2006-09-16 10:27:06

> The way it works is the key is split into M parts in such a way that
> so long as you have N of the parts it can be reconstructed.

The key is not split. Calling it a "split key" is a misnomer at best,
and is a further example of how PGP.com deliberately uses the wrong
terminology.

> The reconstructed key is the original key and is used as normal.

The key is derived, not reconstructed.

> The system is a LITTLE <g> more complex than this but basically works
> the same way (ie: The data is distributed in such a way that each
> piece occurs at least once so long as you have access to N parts and
> you can tell how to recombine them).

This, too, is incorrect.

The Shamir Secret-Sharing Protocol, which is what PGP uses last I
checked some years ago, works on principles that are absolutely obvious
once you think about it.

Imagine a graph where (0,0) is at the origin. You're looking for a line
that crosses the vertical line at 0--the "y-intercept" of the line, if
you remember your high school geometry. The y-intercept of this line is
your key.

Now give one person a coordinate in the plane. Can they derive a line
from that point? Of course not: you need two points to draw a line.

Now give three people each a different coordinate in the plane. Can
they derive a line? Sure: they have enough points. In fact, any _two_
of them can derive a line. They just plot their points on the graph and
draw a line between them. And where that line crosses the y-axis?
That's the shared key.

This is a simple example of a scheme where you're breaking up a key
among N people, where any two people working together can derive the
original key. But at no point is any of the N people actually given a
part of the key, and it's mathematically impossible to derive the key
without two or more people sharing their information.

Want to share a key among three people? Well, three points define a
parabola... so instead of using a line, say "where a certain parabola
crosses the Y-axis, that's the secret key". Give each of N people a
point on the graph. If three of them share their data they can recreate
the parabola and derive the secret key.

Want to share a key among four people? Four points define a cubic
equation. Among five? Quartic equation. Six? Quintic.

It scales quite well.

Real world implementations of the Shamir protocol typically add
additional layers of complexity, but this should be a reasonably
accurate introduction to it.

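Added example, not part of the original post and not PGP's code: the curve scheme described above, carried from the line and parabola cases to any N of M holders. It assumes arithmetic modulo a prime instead of the real plane the post draws; the constant `PRIME` and all function names are this example's own.

```python
import secrets
from itertools import combinations

# Assumption: arithmetic is modulo a prime instead of on the real plane the
# post pictures; 2**127 - 1 (a Mersenne prime) is chosen for this sketch.
PRIME = 2**127 - 1

def interpolate_at(points, x):
    """Evaluate at x the unique lowest-degree polynomial through points."""
    xs = [px for px, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("points must have distinct x coordinates")
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total

def make_shares(secret, n, m):
    """Return m points on a random degree n-1 curve with y-intercept secret."""
    if not (1 <= n <= m and 0 <= secret < PRIME):
        raise ValueError("need 1 <= n <= m and 0 <= secret < PRIME")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(n - 1)]
    def f(x):  # evaluate the curve at x
        return sum(c * pow(x, k, PRIME) for k, c in enumerate(coeffs)) % PRIME
    return [(x, f(x)) for x in range(1, m + 1)]  # x = 0 is never handed out

def derive_secret(shares):
    """Derive the key: where the curve through the shares crosses x = 0."""
    return interpolate_at(shares, 0)

def share_that_would_fit(too_few, candidate, x):
    """With n-1 shares, any candidate key is possible: return the y value a
    further share at x would need for the key to equal candidate."""
    return interpolate_at(too_few + [(0, candidate)], x)

if __name__ == "__main__":
    key = secrets.randbelow(PRIME)          # constructed sample key
    shares = make_shares(key, n=3, m=5)     # parabola, five holders
    assert all(derive_secret(list(c)) == key for c in combinations(shares, 3))
    two = shares[:2]
    for guess in (0, 1, key):
        y = share_that_would_fit(two, guess, 9)
        assert derive_secret(two + [(9, y)]) == guess
    print("any 3 of 5 shares derive the key; 2 shares fit every guess")
```

`share_that_would_fit` shows why holders below the threshold learn nothing: for every guessed key there is a further point that makes the guess come out right, so their own points rule no key out.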
