[Cryptography] New White Paper: GhostLine - Information-Theoretically Secure Multi-Party Chat
Jon Callas
jon at callas.org
Mon Sep 15 18:11:32 EDT 2025
> On Sep 13, 2025, at 19:51, Pierre Abbat <phma at bezitopo.org> wrote:
>
> Here's an idea: Can you use a secret-sharing scheme, such as Lagrange
> polynomial interpretation, to reduce the total amount of pad that needs to be
> distributed? Suppose that the total amount of data that the group will send in
> time T is a meg, but no one will send and receive (combined) more than 10 kB.
> Instead of sending everyone the same meg of pad, you can send everyone a
> different pad of 10 kB, and Alice can encrypt a message so that only Alice and
> Bob can decrypt it.
Not really. Or perhaps, absolutely you can. We have constructs to bracket what the parameters are. For example, is it worthwhile to limit the security parameter from information-theoretic security, down to one that has a security factor of, oh, let's say 2^256 while getting in return a 2^-256 reduction in pad size? Is that a decent tradeoff?
If it is, then yes, we have such constructs. They're called stream ciphers.
Jon
More information about the cryptography
mailing list