How to share a secret

  title={How to share a secret},
  author={Adi Shamir},
  journal={Commun. ACM},
  • A. Shamir
  • Published 1 November 1979
  • Computer Science, Mathematics
  • Commun. ACM
In this paper we show how to divide data <italic>D</italic> into <italic>n</italic> pieces in such a way that <italic>D</italic> is easily reconstructable from any <italic>k</italic> pieces, but even complete knowledge of <italic>k</italic> - 1 pieces reveals absolutely no information about <italic>D</italic>. This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces… 
The round complexity of verifiable secret sharing and secure multicast
This work studies the exact round complexity of two basic secure computation tasks: Verifiable Secret Sharing (VSS) and Secure Multicast, and proves tight tradeoffs between the round complexity and the achievable security threshold.
Completeness theorems for non-cryptographic fault-tolerant distributed computation
Every function of <italic>n</italic> inputs can be efficiently computed by a complete network of <italic>n</italic> processors in such a way that:<list><item>If no faults occur, no set of size
Communication complexity of secure computation (extended abstract)
This paper begins the investigation of the communication complexity of unconditionally secure multi-party computation, and its relation with various fault-tolerance models, and presents upper and lower bounds on communication, as well as tradeoffs among resources.
How to Securely Collaborate on Data: Decentralized Threshold HE and Secure Key Update
This article proposes a decentralized method to construct decentralized Threshold HE schemes using secret sharing schemes in top-down approach with a central key dealer.
An O(log n) expected rounds randomized byzantine generals protocol
It is shown that, in the absence of eavesdropping, without using cryptography, for any ε > 0 and t = n, there is a randomized protocol with O(log) expected number of rounds, which is an improvement on the lower bound of t + 1 rounds required for deterministic protocols.
An O(lg n) expected rounds randomized Byzantine generals protocol
Byzantine Generals protocols enable processes to reliably broadcast messages in the presence of faulty processes. These protocols are run in a system of consists of <italic>n</italic> processes,
How not to share a set of secrets
This note analyses one of the existing space efficient secret sharing schemes and suggests vulnerabilities in its design and elaborates the adoption of a scheme proposed by Hugo Krawczyk as an extension of Shamir's scheme, for a set of secrets, which is space optimal and works for all choices of secrets.
On secret sharing protocols
Many different cryptographic protocols are examined and some basic comparisons are made and three new methods that are part of the Ph.D. thesis of A. Moldenhauer are introduced, including a combinatorial method and one that applies similar techniques using solutions of the Hurwitz equation.
Single-bit re-encryption with applications to distributed proof systems
This work uses the Goldwasser-Micali cryptosystem to implement single-bit re-encryption and extends the primitive to support commutative encryption as well, and designs a variant of the Minami-Kotz algorithm that not only is free of covert channels, but also has additional proving power over the original design.
Secure Secret Sharing in the Cloud
This scheme permits a batch of two secret messages to be shared to two players in such a way that the secrets are reconstructable if and only if two of them collaborate.


Safeguarding cryptographic keys
  • G. Blakley
  • Computer Science, Mathematics
    1979 International Workshop on Managing Requirements Knowledge (MARK)
  • 1979
Certain cryptographic keys, such as a number which makes it possible to compute the secret decoding exponent in an RSA public key cryptosystem, 1 , 5 or the system master key and certain other keys
A method for obtaining digital signatures and public-key cryptosystems
An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key, soriers or other secure means are not needed to transmit keys.
The art of computer programming. Vol.2: Seminumerical algorithms
This professional art of computer programming volume 2 seminumerical algorithms 3rd edition that has actually been written by is one of the best seller books in the world and is never late to read.
The Design and Analysis of Computer Algorithms
This text introduces the basic data structures and programming techniques often used in efficient algorithms, and covers use of lists, push-down stacks, queues, trees, and graphs.
LThe polynomials can be replaced by any other collection of functions which are easy to evaluate and to interpolate
  • LThe polynomials can be replaced by any other collection of functions which are easy to evaluate and to interpolate
The Design and Analysis of Computer AIgorithms
  • The Design and Analysis of Computer AIgorithms
  • 1974