Is this the first ever practically-deployed use of a threshold scheme?

Jonathan Thornburg jthorn at astro.indiana.edu
Sun Aug 1 13:57:59 EDT 2010


On Sat, 31 Jul 2010, Jakob Schlyter wrote:
> The DNS root key is stored in HSMs. The key backups (maintained by ICANN)
> are encrypted with a storage master key (SMK), created inside the HSM and
> then split among 7 people (aka "Recovery Key Share Holders"). To recover the
> SMK in case of all 4 HSMs going bad, 5 of 7 key shares are required.
> (https://www.iana.org/dnssec/icann-dps.txt section 5.2.4)
> 
> According to the FIPS 140-2 Security Policy of the HSM, an AEP Keyper, the
> M-of-N key split is done using a La Grange interpolating Polynomial.

A minor nit... his name was "Lagrange" (one word), not "La Grange"
(2 words).  See http://en.wikipedia.org/wiki/Lagrange for further details.
Lagrange interpolating polynomials are widely used in non-crypto numerical
computations (solving differential equations and suchlike).

-- 
-- "Jonathan Thornburg [remove -animal to reply]" <jthorn at astro.indiana-zebra.edu>
   Dept of Astronomy, Indiana University, Bloomington, Indiana, USA
   "Washing one's hands of the conflict between the powerful and the
    powerless means to side with the powerful, not to be neutral."
                                      -- quote by Freire / poster by Oxfam

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com