Traceable Secret Sharing: Strong Security and Efficient Constructions

ePrint Report: Traceable Secret Sharing: Strong Security and Efficient Constructions

Dan Boneh, Aditi Partap, Lior Rotem

Suppose Alice uses a $t$-out-of-$n$ secret sharing to store her secret key on $n$ servers. Her secret key is protected as long as $t$ of them do not collude. However, what if a less-than-$t$ subset of the servers decides to offer the shares they have for sale? In this case, Alice should be able to hold them accountable, or else nothing prevents them from …

alice dan eprint report key report secret secret key security servers sharing store traceable