Cryptography Reference
In-Depth Information
X
3
+
···
+
X
n
=
X
. If one number is missing, it is impossible to
determine what
might be. This solution is an extension of the
one-time pad and it is just as secure. If the parts are chosen by a
good, secure random number generator, there is no way the people
who hold the
X
n−
1
parts can guess what the value of the missing part
might be.
In practice, this solution is often computed for each bit in the
secret. That is, the secret is split into
parts. If the first bits of the
parts are added together, they will reveal the first bit of the secret. If
the second bits of the different parts are added together, the result is
the second bit of the secret. This addition is donemodulo 2, so you're
really just determining whether there is an odd or even number of
ones in the bits. Here's an example:
n
X
1
= 101010100
X
2
= 101011010
X
3
= 110010010
X
4
= 010101100
X
1
+
X
2
+
X
3
+
X
4
= 100110000
If you wanted to split up a secret, then you would generate the
first
n −
1
parts at random. Then you would compute
X
n
so that
X
1
+
X
n
−
1
.
Are both of these solutions equally secure? The addition method,
whichisjustanextensionoftheone-timepad,isperfectlysecure.
There is no way that the system can be broken if you don't have
access to all of the parts. There is no additional pattern. The layers of
encryption are not necessarily as secure. There are somany variables
in the choice of encryption function and the size of the keys, that
some choices might be breakable.
Another way of understanding this is to examine the entropy of
the equation,
···
+
X
n
=
X
.Thisisactuallyeasy.
X
n
=
X
+
X
1
+
···
+
X
1
+
X
2
+
X
3
+
···
+
X
n
=
X
. If each value of
X
i
has
m
bits, then there are
mn
bits of entropy required to determine the
equation. If
n −
1
values of
X
i
are recovered, there are still
m
bits of
entropy or
2
m
possible solutions to explore.
Intuitively, this encryption equation has the same properties:
f
(
k
1
,f
(
k
2
,f
(
k
3
,...f
(
k
n
,X
)
...
)))
.
If each key,
bits of entropy in
the equation. Unfortunately, the complexity of the function
k
i
,has
m
bits, then there are still
mn
f
makes
it difficult to provide more mathematical guarantees.
If the basic
function,
, is secure enough to use for basic encryption, then it
should be secure in this case. But, there are many interesting and
f
