Cryptography Reference
In-Depth Information
This can be easily generalized for an arbitrary number of persons. You create
n
−
1 one-time pads,
S
1
,...,S
n
−
1
, and XOR them; the result should be
S
n
.You
use
S
n
to encrypt the plaintext, creating ciphertext
C
. You give
S
1
,...,S
n
−
1
and
C
to your
n
conversers — one file to each one. Only XORing the data of
all
conversers will reveal the plaintext.
For a very large amount of data, you can split plaintext
P
into
n
equally
long parts,
P
1
,...,P
n
, of length 1 (you may have to pad the bits). Moreover,
you create
n
one-time pads,
S
1
,...,S
n
, of length 1. Each bit sequence,
P
i
,
with all
S
j
is then XORed with
j
i
. Each one of the
n
conversers gets
ciphertext
C
j
thus created, together with key
S
j
, which had
not
been used
when encrypting
P
j
.
=
Secret splitting is an excellent method of establishing and maintaining secrecy,
much better than safes. Split your secret into five parts and give each part to
five trustworthy persons who lock it away in their safes. Even if these safes
were of Franz Jager (Berlin), Egon Olsen would be powerless, because at the
latest when breaking the third safe, he would surely end up in prison. And
even if you were wrong about the trustworthiness of your partners, it suffices
that
one
of them remains trustworthy, and the probability for this is sufficiently
high. Moreover, you can make sure that your partners know nothing about each
other.
However, the method has a flaw. If one single safe of your partners is robbed
or the contents destroyed in a fire, then the entire information is lost. The
probability for one single such event may not be high, but with five partners,
it is five times as high. Backup concepts double the cost. To overcome this
problem, secret sharing was invented.
6.2.2 Secret Sharing
If you fear that two of the five safes of your partners might burn down, then
you have to split your data by the
secret sharing
method: three arbitrary part-
ners together can reconstruct your data, while two can't. The reason is related
to error-correcting codes, which you may make ample use of: when listen-
ing to a CD, the computation of 8 bits of information out of 14 bits of data
is played back several ten thousand times per second. The physical record-
ing method of CDs is so unreliable that every byte has to be 'expanded' to
14 bits. If a few bits are lost during the reading process, they can be com-
puted from the remaining bits. If too many are lost, nothing can be computed
anymore.
