Definition

In cryptography, secret sharing refers to any method for distributing a secret among a group of participants, each of which allocates a share of the secret. The secret can only be reconstructed when the shares are combined together; individual shares are of no use on their own.

The secret is opened only when specific conditions are fulfilled. Each of n participants is given a number of share, and any group of t (threshold) or more shares together can open the secret but no group of less than t shares can.

A secure secret sharing scheme distributes shares so that anyone with fewer than t shares has no more information about the secret than someone with 0 shares. Consider the naive secret sharing scheme in which the secret phrase "password" is divided into the shares "pa------," "--ss----," "----wo--," and "------rd,". A person with 0 shares knows only that the password consists of eight letters. He would have to guess the password from 268 = 208 billion possible combinations. A person with one share, however, would have to guess only the six letters from 266 = 308 million combinations. This system is not a secure secret sharing scheme, because a player with less than t shares gains significant information about the content of the secret. In a secure scheme, even a player missing only one share should still face 268 = 208 billion combinations.

Secret sharing was invented by both Adi Shamir and George Blakley independently in 1979.

Examples

  • Imagine that the Board of Directors of Coca-Cola would like to protect Coke's secret formula. The president of the company should be able to access the formula when needed, but in an emergency, any 3 of the 12 board members would be able to unlock the secret formula together. This can be accomplished by a secret sharing scheme with t = 3 and n = 15, where 3 shares are given to the president, and 1 share is given to each board member.
  • Sometimes it is necessary to make the secret inaccessible to a single person. For instance, assume the secret is the "nuclear button" of a state. The President, together with the Premier, can open the secret, but no one of them can do it alone. This scheme can be implemented with t = 2 and n = 2, where 1 share is given to each participant.
  • Let's imagine that there is an organization where all members are equal. Say, an alliance between 5 states. When the organization holds a conference, quorum must be reached. Let's assume that according to the rules, the quorum is 4. If the quorum is reached, then the secret documents can be opened and the conference will start. Such scheme is accomplished with t = 4 and n = 5, where all members are equal and have 1 share.


Refer to the help chapter to know how it is implemented in BestCrypt:

https://www.jetico.com/web_help/bc9/html/07_BestCrypt_control_panel/01_creating_a_container/05_SSS.htm