Re: RIP proof secret splitting

From: Roger Schlafly (
Date: 04/24/03

From: "Roger Schlafly" <>
Date: Wed, 23 Apr 2003 22:06:36 GMT

<> wrote
> decrypt the message without both halves. A problem would
> arise, however, if the plaintext is easy to guess, because
> then the owner of one of the shadows could simply guess
> at possible plaintexts until he got it right. To avoid this ...

If the encryption method is resistant to chosen-ciphertext
attacks, then guessing does not work. Maybe that's what
you want.