基于Shamir门限方案的密钥托管

A Key Escrow System based on Shamir Threshold Scheme

基于Shamir(k,n)秘密分割门限方案提出了一种密钥托管体制,用户将其密钥拆为n个子密钥,并将每一子密钥分别交于一个委托人托管,其中任意大个委托人可恢复用户的密钥,少于k个委托人则不能恢复。文章同时给出了该体制的两种推广。第一种推广是将每一委托人推广为一个托管机构,每一托管机构中又有若干委托人。第二种推广是在用户的密钥被恢复后,用户可重新选取一新密钥,但不改变托管人所托管的内容;而且委托人在恢复用户的密钥时,不诚实的委托人也可被检查出。

In this paper , a key escrow system based on Shamir ( k , n ) secret-sharing nthreshold scheme is proposed. A user splits his secret key into n shares and gives respectively n trustees to escrow, so that arbitrary k trustees can recover the secret key but less than k cannot. Two generalizations of this system are also given. In first one, every trustee is generalised to an escrow agent and every agent has a few trustees. In second one, after secret key being recovered, the user can select a new secret key and do not change what all trustees keep. At the same time, when trustees recover the secret key, dishonest ones can be discovered.