
This is related to "Is it possible to create a mix of predefined and generated shares for Shamir's Secret Sharing?", but I have unfortunately lost access to that question and can't merge accounts right now.

I now know that it is most definitely possible to create some predefined shares, but I was looking for further information on the security of doing this based on a few points.

  • Always choose $j$ "arbitrary" shares such that there are always fewer than $k$ (e.g. $j=1$ in a 3 out of 5 scheme), applies to all below.

  • If I randomly generate a short sequence of words (e.g. bip39) and then hash that to a length greater than the secret rather than letting a user choose their own "arbitrary" shares.

  • A proposed process for something like this would be:

    1. Define Points ($x$,$y$)
      • ($0$, secret)
      • (random $x$, hashed "arbitrary share")
      • (random $x$, random $y$) - $k - 2$ times
    2. Lagrange Interpolation returning polynomial $p$
    3. Generate further shares from $p$
    • "arbitrary share" hashed to length of secret.
    • All Random generators are CSPRNGs.
euandeas
  • The question is there. What do you mean "lost access"? If you can see this question you can see that question. And the answers are quite detailed. – kodlu Feb 29 '24 at 15:50
  • I could not comment or accept an answer as it was on a different account and this account did not have enough rep. The answers were great but I just wanted some further clarification, of which I could not comment. But this is off-topic... – euandeas Feb 29 '24 at 23:17
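
The process proposed in the question, as an added example that is not part of the original post. Assumptions not from the page: the field prime `P = 2**521 - 1`, SHAKE-256 as the hash, the function names, and the constructed sample word sequence.

```python
import hashlib
import secrets
from itertools import combinations

P = 2**521 - 1  # prime field modulus (assumption); must exceed secret and hash

def hash_share(words: str) -> int:
    # Assumption: SHAKE-256 stretched to 64 bytes, so the value is below P.
    return int.from_bytes(hashlib.shake_256(words.encode()).digest(64), "big")

def interpolate(points, x):
    """Lagrange-evaluate at x the polynomial through `points`, mod P."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def fresh_x(used):
    # Random nonzero x not used before; x = 0 is reserved for the secret.
    while True:
        x = secrets.randbelow(P - 1) + 1
        if x not in used:
            used.add(x)
            return x

def split(secret: int, words: str, k: int, n: int):
    """Return (x of the predefined share, list of n-1 generated shares)."""
    if not (2 <= k <= n and 0 <= secret < P):
        raise ValueError("need 2 <= k <= n and secret < P")
    used = {0}
    x_pre = fresh_x(used)
    defining = [(0, secret), (x_pre, hash_share(words))]
    randoms = [(fresh_x(used), secrets.randbelow(P)) for _ in range(k - 2)]
    defining += randoms                      # k points fix a degree k-1 polynomial
    further = [(x, interpolate(defining, x))
               for x in (fresh_x(used) for _ in range(n - k + 1))]
    return x_pre, randoms + further

def recover(shares):
    return interpolate(shares, 0)

# Constructed sample input: 3-of-5, one share derived from a word sequence.
secret = secrets.randbits(256)
words = "legal winner thank year wave sausage"
x_pre, generated = split(secret, words, k=3, n=5)
all_shares = [(x_pre, hash_share(words))] + generated
assert all(recover(list(c)) == secret for c in combinations(all_shares, 3))
```

The holder of the word-derived share has to keep `x_pre` together with the words, because the process picks that x-coordinate at random.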

0 Answers