Secret Sharing in a decentralized network

Dandan

3/5/23, 5:30 PM

Is there a method by which a secret can be split across multiple nodes, such that:

No one node can learn the secret.
An adversary can't learn the secret by bringing up multiple dummy nodes.
Redundancy can be had if one or more nodes in the network fail.

0 + 0

secret-sharing

yacovm

3/5/23, 5:58 PM

read about "Threshold secret sharing" especially "Shamir Secret Sharing"

Score:2

Crypto

Aman Grewal

3/5/23, 6:33 PM

There are protocols to distributively create a secret, either a key or a random number. Searching for Distributed Key Generation (DKG) should help.

Depending on what you want to do with the secret determines if you can keep it secret. There are distributed signature schemes. I am not aware of how to do distributed decryption¹ or distributed symmetric encryption.
This depends on your secret sharing model. If you require all nodes to participate in any action, then no amount of adversary-controlled nodes will give the adversary the secret. If you require less than all the nodes to participate, say $t$ nodes, then once the adversary has $t$ nodes, he gets access to the secret.
As mentioned in 2., you can choose a threshold, $t$, of nodes that you need to participate.

As mentioned by @yacovm in a comment, Shamir's Secret Sharing is a common threshold secret sharing scheme.

¹Not strictly true. I have seen interesting ways to do distributed decryption. Say if the encrypted information is audio, you have multiple audio files such that listening to any one of them doesn't provide any information, but if you set up the speakers correctly and stand in the right spot, you can hear the original message. Of course, this is not general purpose and comes with many caveats.

0 + 0

poncho

3/6/23, 2:18 PM

"I am not aware of how to do distributed decryption"; actually, it's fairly easy with IES; each share holder has a Shamir share $(x_i, y_i)$ of the private key (where the field is $GF(q)$, where $q$ is the order of the subgroup generator. An IES decryption involves raising a value in the ciphertext to the power of the private key; each participating share holder could raise that value to his power $y_i$; once the result of that is published, the rest of the decryption is straightforward...

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Secret Sharing in a decentralized network

TH: การแบ่งปันความลับในเครือข่ายแบบกระจายอำนาจ

RO: Partajare secretă într-o rețea descentralizată

RU: Обмен секретами в децентрализованной сети

VI: Chia sẻ bí mật trong một mạng phi tập trung

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.