Shamir's secret sharing | EPFL Graph Search

Are you an EPFL student looking for a semester project?

Work with us on data science and visualisation projects, and deploy your project as an app on top of GraphSearch.

Shamir's secret sharing (SSS) is an efficient secret sharing algorithm for distributing private information (the "secret") among a group so that the secret cannot be revealed unless a quorum of the group acts together to pool their knowledge. To achieve this, the secret is mathematically divided into parts (the "shares") from which the secret can be reassembled only when a sufficient number of shares are combined. SSS has the property of information-theoretic security, meaning that even if an attacker steals some shares, it is impossible for the attacker to reconstruct the secret unless they have stolen the quorum number of shares. Shamir's secret sharing is used in some applications to share the access keys to a master secret. SSS is used to secure a secret in a distributed form, most often to secure encryption keys. The secret is split into multiple shares, which individually do not give any information about the secret. To reconstruct a secret secured by SSS, a number of shares is needed, called the threshold. No information about the secret can be gained from any number of shares below the threshold (a property called perfect secrecy). In this sense, SSS is a generalisation of the one-time pad (which can be viewed as SSS with a two-share threshold and two shares in total). A company needs to secure their vault. If a single person knows the code to the vault, the code might be lost or unavailable when the vault needs to be opened. If there are several people who know the code, they may not trust each other to always act honestly. SSS can be used in this situation to generate shares of the vault's code which are distributed to authorized individuals in the company. The minimum threshold and number of shares given to each individual can be selected such that the vault is accessible only by (groups of) authorized individuals. If fewer shares than the threshold are presented, the vault cannot be opened. By accident or as an act of opposition, some individuals might present incorrect information for their shares.

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related concepts (3)

Shamir's secret sharing

Secret sharing

Secret sharing (also called secret splitting) refers to methods for distributing a secret among a group, in such a way that no individual holds any intelligible information about the secret, but when a sufficient number of individuals combine their 'shares', the secret may be reconstructed. Whereas insecure secret sharing allows an attacker to gain more information with each share, secure secret sharing is 'all or nothing' (where 'all' means the necessary number of shares).

Polynomial interpolation

In numerical analysis, polynomial interpolation is the interpolation of a given bivariate data set by the polynomial of lowest possible degree that passes through the points of the dataset. Given a set of n + 1 data points , with no two the same, a polynomial function is said to interpolate the data if for each . There is always a unique such polynomial, commonly given by two explicit formulas, the Lagrange polynomials and Newton polynomials.

Related courses (5)

Related lectures (37)

CS-457: Geometric computing

This course will cover mathematical concepts and efficient numerical methods for geometric computing. We will explore the beauty of geometry and develop algorithms to simulate and optimize 2D and 3D g

CS-721: Privacy at the communication layer

In this seminar course students will get in depth understanding of mechanisms for private communication. This will be done by reading important papers that will be analyzed in the class. Students will

CS-411: Digital education

This course addresses the relationship between specific technological features and the learners' cognitive processes. It also covers the methods and results of empirical studies on this topic: do stud

Privacy-Preserving Machine Learning CS-523: Advanced topics on privacy enhancing technologies

Explores privacy-preserving techniques like secret sharing and homomorphic encryption for secure computations and data protection in machine learning.

Efficient Post-Quantum Commutative Group Action COM-506: Student seminar: security protocols and applications

Explores the CSIDH algorithm, a post-quantum cryptographic scheme based on isogenies, discussing its history, inner workings, and security.

Mixed Protocol Framework for Machine Learning COM-506: Student seminar: security protocols and applications

Presents ABY3, a framework for secure machine learning computations.