question re practical use of secret sharing

alex at alex at
Fri Jun 22 11:18:51 EDT 2007

> pgut001 at 
> "D. K. Smetters" <smetters at> writes:
> > However, given the difficulty people have in managing keys in general,
> > building effective systems that allow them to manage key fragments is beyond
> > the range of most current commercial products.
> I think that's the perfect summary of the problem with threshold schemes.
> The processes they involve is simply too complex both to model mentally for
> users and to build an interface to.  

Heck, even normal key management seems to be too much.  Most real world 
secure systems I seen have a "leap of faith" aspect to them when distributing
the first key (such as a CA or a login server's public key). Often MITM
scenarios are not properly considered when distributing the session keys/ 
certificates. Software ease-of-use/automation trumps properly done key 
management/user enrollment.  It's a pity because often millions of people 
start using them before the serious problems start to crop up (like thievery
or illegal wiretapping) and then it's too late to retrofit them properly
(for example Skype seems to have made these types of mistakes).

- Alex

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list