(Short) Intro and question

Saqib Ali docbook.xml at gmail.com
Sun Jan 7 23:20:01 EST 2007 

I think you are looking for the m of n solution, or commonly known as
shared secret which can be implemented using shamir's or blakley's
scheme.

you can find a open source implementation of shamir's scheme @
http://point-at-infinity.org/ssss/

or more info check out the wikipedia entry:
http://en.wikipedia.org/wiki/Secret_sharing

saqib
http://www.full-disk-encryption.net



On 1/6/07, Allen <netsecurity at sound-by-design.com> wrote:
> Hi everyone,
>
> I'm Allen Schaaf and I'm primarily an information security
> analyst - I try to look at things like a total stranger and ask
> all the dumb questions hoping to stumble on one or two that
> hadn't been asked before that will reveal a potential risk.
>
> I'm currently consulting at a very large HMO and finding that
> there are lots of questions that have not been asked so I'm
> having fun.
>
> One of the questions that I have been raising is trust and how to
> ensure that that it is not misplaced or eroded over time. Which
> leads me to my question for the list: I can see easily how to do
> split key for 2 out of x for key recovery, but I can't seem to
> find a reference to the 3 out of x problem.
>
> In case I have not been clear enough, it is commonly known that
> it is harder to get collusion when three people need to act
> together than when there are just two. For most encryption 2 out
> x is just fine, but some things need a higher level of security
> than 2 out of x can provide.
>
> Thanks for any tips, ideas, solutions, or pointers.
>
> Allen Schaaf
> Information Security Analyst
> Certified Network Security Analyst and
> Intrusion Forensics Investigator - CEH, CHFI
> Certified EC-Council Instructor - CEI
>
> Security is lot like democracy - everyone's for it but
> few understand that you have to work at it constantly.
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
>


-- 
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list