How to share a secret

  title={How to share a secret},
  author={A. Shamir},
  journal={Commun. ACM},
  • A. Shamir
  • Published 1979
  • Computer Science
  • Commun. ACM
In this paper we show how to divide data <italic>D</italic> into <italic>n</italic> pieces in such a way that <italic>D</italic> is easily reconstructable from any <italic>k</italic> pieces, but even complete knowledge of <italic>k</italic> - 1 pieces reveals absolutely no information about <italic>D</italic>. This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces… Expand

Topics from this paper

The round complexity of verifiable secret sharing and secure multicast
This work studies the exact round complexity of two basic secure computation tasks: Verifiable Secret Sharing (VSS) and Secure Multicast, and proves tight tradeoffs between the round complexity and the achievable security threshold. Expand
Completeness theorems for non-cryptographic fault-tolerant distributed computation
Every function of <italic>n</italic> inputs can be efficiently computed by a complete network of <italic>n</italic> processors in such a way that:<list><item>If no faults occur, no set of sizeExpand
Communication complexity of secure computation (extended abstract)
This paper begins the investigation of the communication complexity of unconditionally secure multi-party computation, and its relation with various fault-tolerance models, and presents upper and lower bounds on communication, as well as tradeoffs among resources. Expand
How to Securely Collaborate on Data: Decentralized Threshold HE and Secure Key Update
This article proposes a decentralized method to construct decentralized Threshold HE schemes using secret sharing schemes in top-down approach with a central key dealer. Expand
An O(log n) expected rounds randomized byzantine generals protocol
It is shown that, in the absence of eavesdropping, without using cryptography, for any ε > 0 and t = n, there is a randomized protocol with O(log) expected number of rounds, which is an improvement on the lower bound of t + 1 rounds required for deterministic protocols. Expand
An O(lg n) expected rounds randomized Byzantine generals protocol
Byzantine Generals protocols enable processes to reliably broadcast messages in the presence of faulty processes. These protocols are run in a system of consists of <italic>n</italic> processes,Expand
How not to share a set of secrets
This note analyses one of the existing space efficient secret sharing schemes and suggests vulnerabilities in its design and elaborates the adoption of a scheme proposed by Hugo Krawczyk as an extension of Shamir's scheme, for a set of secrets, which is space optimal and works for all choices of secrets. Expand
On secret sharing protocols
Many different cryptographic protocols are examined and some basic comparisons are made and three new methods that are part of the Ph.D. thesis of A. Moldenhauer are introduced, including a combinatorial method and one that applies similar techniques using solutions of the Hurwitz equation. Expand
Single-bit re-encryption with applications to distributed proof systems
This work uses the Goldwasser-Micali cryptosystem to implement single-bit re-encryption and extends the primitive to support commutative encryption as well, and designs a variant of the Minami-Kotz algorithm that not only is free of covert channels, but also has additional proving power over the original design. Expand
Secure Secret Sharing in the Cloud
This scheme permits a batch of two secret messages to be shared to two players in such a way that the secrets are reconstructable if and only if two of them collaborate. Expand


Safeguarding cryptographic keys
Certain cryptographic keys, such as a number which makes it possible to compute the secret decoding exponent in an RSA public key cryptosystem,1,5 or the system master key and certain other keys in aExpand
A method for obtaining digital signatures and public-key cryptosystems
An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key, soriers or other secure means are not needed to transmit keys. Expand
The art of computer programming. Vol.2: Seminumerical algorithms
This professional art of computer programming volume 2 seminumerical algorithms 3rd edition that has actually been written by is one of the best seller books in the world and is never late to read. Expand
The Design and Analysis of Computer Algorithms
This text introduces the basic data structures and programming techniques often used in efficient algorithms, and covers use of lists, push-down stacks, queues, trees, and graphs. Expand
The Design and Analysis of Computer AIgorithms
  • The Design and Analysis of Computer AIgorithms
  • 1974
LThe polynomials can be replaced by any other collection of functions which are easy to evaluate and to interpolate
  • LThe polynomials can be replaced by any other collection of functions which are easy to evaluate and to interpolate