On Tue, Apr 22, 2014 at 12:11 PM, Michael Rogers <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 22/04/14 19:47, Trevor Perrin wrote: >>> * The friends don't have enough shares to reconstruct the key >>> even if they collude >> >> They do, if n-2 >= k. > > Doh, sorry, I tried to generalise this from k=4, n=5 and failed. :0) > The user should keep n-k+1 shares on her device.
Still doesn't seem right. I think you're trying to accomplish: (a) The user has a key which is required for recovery (b) A quorum of friends is also required for recovery I think this is better implemented by setting the final key to an XOR of the keys recovered from (a) and (b). Trevor _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
