Re: two of three
From: Michael Brown (see_at_signature.below)
Date: 01/28/05
- Next message: Volker Hetzer: "Re: two of three"
- Previous message: Julia Faflek: "Re: Hardness of DDH with short exponents"
- In reply to: Bob Harris: "two of three"
- Next in thread: Bob Harris: "Re: two of three"
- Reply: Bob Harris: "Re: two of three"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 29 Jan 2005 02:05:11 +1100
Bob Harris wrote:
> Suppose I have a value x (chosen from some range) and I want to
> encrypt it with three value a, b, and c (each from the same range as
> x) such that x can be recovered from any two of those values. In
> other words, we have functions f, g, and h such that f(a,b) = g(b,c)
> = h(c,a) = x.
The term to look for is "secret splitting" A primitive approach in this case
would be encrypt it with a single key, call it K, and let it be n bits long.
Then, split K into 3 equal portions, called K1, K2, K3. K1 is n/3 bits long,
etc.
The first "metavalue" a contains K1 and K2, b contains K2 and K3, and c
contains K3 and K1. From any two of these values, the original key can be
found. The downside to this approach is that you have dramatically reduced
the brute-force keyspace if you have only one of the "metavalues", something
which better methods avoid.
[...]
-- Michael Brown www.emboss.co.nz : OOS/RSI software and more :) Add michael@ to emboss.co.nz ---+--- My inbox is always open
- Next message: Volker Hetzer: "Re: two of three"
- Previous message: Julia Faflek: "Re: Hardness of DDH with short exponents"
- In reply to: Bob Harris: "two of three"
- Next in thread: Bob Harris: "Re: two of three"
- Reply: Bob Harris: "Re: two of three"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
