Shamir Secret Sharing over an unsecure channel for a protocol design

Pietro

10/12/23, 11:41 AM

Let's suppose that we have two parties, $A$ and $B$ that are using a Shamir Secret Sharing scheme with $k=3$. $A$ holds the points $[x_1, f(x_1)]$ and $[x_2, f(x_2)]$ while $B$ holds $[x_3, f(x_3)]$ and $[x_4, f(x_4))]$.

$A$ sends the point $[x_1, f(x_1)]$ to $B$, and $B$ answers with the point $[x_3, f(x_3)]$, so that both $A$ and $B$ can reconstruct the shared secret to be used in the following part of the protocol.

The messages are sent over an unsecure channel and they are unauthenticated.

I have identified some issues in this part, for example an eavesdropper can intercept several different communications, eg. $A$ and $B$ with $C$ and $D$, obtaining $k = 3$ points and reconstruct the secret, for this I was thinking about defining a minimum security level by properly setting $k$.

Is there any other possible issue when using the Shamir Shared Secret to share critical information in the context of a protocol design?

102

1 + 1

protocol-design

secret-sharing

kelalaka

10/13/23, 10:20 AM

I found this really open question, could you ask for a specific protocol instead of arbitrary one?

Score:0

Crypto

Martin Kochanski

10/12/23, 12:35 PM

The issue you have raised can be addressed by A and B creating unique random points for each separate interlocutor, rather than each creating one single pair of points for use with everyone.

The other man-in-the-middle attack is when X intercepts rather than just eavesdropping. He can then arrange an “A with X” shared secret and an “X with B” shared secret.

There are ways of obviating this attack using hashes, since “the shared secret as seen by A” and “the shared secret as seen by B” are not the same when the attack has taken place, and they ought to be. But some quite careful protocol design is needed, and I only know that it works when Diffie-Hellman is used to set up the shared secret. Shamir may be different.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Shamir Secret Sharing over an unsecure channel for a protocol design

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.