According to wikipedia, if you are using shamir's secret sharing scheme with a field of order $p$, "High values of $p$ are risky because Eve knows that the chance for $f(x)\pmod{p}=f(x)$ increases with a higher $p$". Is this true? It seems wrong.
Asked
Active
Viewed 66 times
1
-
what that means is f(x) is smaller than p, so mod p does not change the value – Richie Frame Feb 13 '16 at 00:31
-
@RichieFrame Well, yeah. But why would $f(x) \pmod{p} = f(x)$ hurt security? – Christopher King Feb 13 '16 at 00:50
-
when that is the case it is like you are not using the mod p at all, an attacker can skip that step completely, substantially reducing the effort to guess values if points are known – Richie Frame Feb 13 '16 at 00:57
-
@RichieFrame Calculating moduluses wasn't that hard to begin with. Besides, Shamir's secret sharing is informationally secure, so it isn't a matter of effort anyway. – Christopher King Feb 13 '16 at 01:05
-
4"It seems wrong" -> it is wrong; there's no security issue with large $p$ values. – poncho Feb 13 '16 at 04:11
-
@poncho yeah, I think I'll help fix that article at some point. – Christopher King Feb 13 '16 at 04:15
-
@RichieFrame You are wrong. There is no problem at all using large (or small) $p$. When $f(x)$ is chosen at random except for the constant term, then there is no issue. – Yehuda Lindell Feb 13 '16 at 19:08