A Protocol to Set Up Shared Secret Schemes Without the Assistance of a Mutually Trusted Party
- Cite this paper as:
- Ingemarsson I., Simmons G.J. (1991) A Protocol to Set Up Shared Secret Schemes Without the Assistance of a Mutually Trusted Party. In: Damgård I.B. (eds) Advances in Cryptology — EUROCRYPT ’90. EUROCRYPT 1990. Lecture Notes in Computer Science, vol 473. Springer, Berlin, Heidelberg
All shared secret or shared control schemes devised thus far are autocratic in the sense that they depend in their realization on the existence of a single party—which may be either an individual or a device—that is unconditionally trusted by all the participants in the scheme [5,6]. The function of this trusted party is to first choose the secret (piece of information) and then to construct and distribute in secret to each of the participants the private pieces of information which are their shares in the shared secret or control scheme. The private pieces of information are constructed in such a way that any authorized concurrence (subset) of the participants will jointly have sufficient information about the secret to reconstruct it while no unauthorized collection of them will be able to do so. For many applications, though, there is no one who is trusted by all of the participants, and in the extreme case, no one who is trusted by anyone else. In the absence of a trusted party or authority, no one can be trusted to know the secret and hence—until now—it has appeared to be impossible to construct and distribute the private pieces of information needed to realize a shared control scheme. It is worth noting that in commercial and/or internation(al) applications, this situation is more nearly the norm than the exception.