On Fri, 18 Feb 2005 02:42:44 EST, John Richard Moser said: > The problem is that I need a guaranteed way to create data for any valid > N and M where N >= 3 > M >= 2 in which access to M fragments of the key > (each fragment is encrypted) can be used to gain access to the rest of > the fragments, which in turn allows any selection of M users to > authenticate and gain physical access to the key. Schneier's 'Applied Cryptography' discusses "secret sharing" schemes, and chasing the references from there should be sufficient. > Reminder that the idea here is to use a physical method, not bare access > control that can be evaded by loading a modified kernel. Not sure what you mean by "a physical method", unless you go to something like the old "2 keys must be inserted at the same time in slots more than an arm's reach apart" type of scheme.
Attachment:
pgpiDMmVW3PFb.pgp
Description: PGP signature