Key safety vs Backup : History of a bad day (key-restoration problem)
Robert J. Hansen
rjh at sixdemonbag.org
Sun Oct 28 12:21:22 CET 2007
Atom Smasher wrote:
> i wouldn't generally advocate a vernam cipher for encrypting messages, but
> i think it is the best real-world-practical way to do secret sharing (at
> least until someone builds an application that ~uses~ a real secret
> sharing algorithm).
See _The Art of Computer Programming_, Volume 2, section 4.6.4,
"Evaluation of Polynomials". In my copy it's on page 505; YMMV if you
have a different edition. Knuth characterizes it as "an important and
somewhat surprising application of polynomial interpolation", as well as
"amazingly simple".
I can vouch for the "amazingly simple" part. I volunteer at a local
elementary school and help teach their talented-and-gifted fourth
graders. One of the first things we do each year is go over the Shamir
protocol.
PGP Corporation also uses it to divide up key shares, if I recall correctly.
More information about the Gnupg-users
mailing list