Re: A simple secret sharing between 2 person

b wrote:
> Hi.
> I am a newbie in this and I wish to know if a idea of secret sharing
> between 2 persons is good.
> The ideea is:
> 1) encrypt the data using a block cipher (like AES)
> 2) give the even position bits to the first person and the odd position
> bits to the second person.
> Example: if the data encrypted is: 01011100, the first will receive the
> bits 0010 (the first, the third, the fifth,etc... bits) and the second
> will receive 1110 (the scond, the fourth, etc.. bits).
>
> AFAIK the block cipher needs the whole block to decrypt the data.

let's re-write your problem in the equivalent but less balanced method
of

1. User A gets 127 bits of the block
2. User B gets 1 bit of the block

Now user A knows that the plaintext is English ASCII, or an MP3 or an
MPEG or ...

So he guesses the missing bit and uses the decrypt that makes the most
sense. Chances are good that only one of them will actually match a
source language.

What's the point of a secret splitting? The ideal is that with
unbounded computational time any one [or subset less than threshold]
party cannot decrypt uniquely the message.

for example, this would be a valid split.

for i = 0 to m-1 do
  1. T[i] = E_k(i)
  2. Send P[i] xor T[i] to user A
  3. Send T[i] to user B

[k = AES key, P = plaintext, m = number of blocks]

Now neither party can decrypt uniquely the text and they have to
combine the shares to decrypt it.

Tom
Received on Thu Sep 29 21:41:28 2005