Re: Attack on Verifiable Secret Sharing scheme
From: David Wagner (daw_at_taverner.cs.berkeley.edu)
Date: 07/29/05
- Next message: Terry Ritter: "Re: Should be in crypto for John E. Hadstate Re: just stupid?"
- Previous message: David Wagner: "Re: Attack on Verifiable Secret Sharing scheme"
- In reply to: Ann Brandon: "Re: Attack on Verifiable Secret Sharing scheme"
- Next in thread: Ann Brandon: "Re: Attack on Verifiable Secret Sharing scheme"
- Reply: Ann Brandon: "Re: Attack on Verifiable Secret Sharing scheme"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 29 Jul 2005 00:19:40 +0000 (UTC)
Ann Brandon wrote:
>Yes, of course, but I assume in this example, that the dealer is honest.
Oh, so you are describing a scheme? But why would you design your scheme
with the two polynomials chosen in this crazy correlated way, and expect
any kind of security? Why not select the two polynomials independently?
As long as you make them independent, it is secure -- and you don't have
to worry about this special case.
- Next message: Terry Ritter: "Re: Should be in crypto for John E. Hadstate Re: just stupid?"
- Previous message: David Wagner: "Re: Attack on Verifiable Secret Sharing scheme"
- In reply to: Ann Brandon: "Re: Attack on Verifiable Secret Sharing scheme"
- Next in thread: Ann Brandon: "Re: Attack on Verifiable Secret Sharing scheme"
- Reply: Ann Brandon: "Re: Attack on Verifiable Secret Sharing scheme"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
