From: Gregory Maxwell <greg@xiph.org>
Date: Wed, 17 Jan 2018 15:36:25 +0000
Message-ID: <CAAS2fgQx_PdNCqLvUjrWJOAtik1UeLn_U=JHszq=RveoRRpzag@mail.gmail.com>
To: "Russell O'Connor" <roconnor@blockstream.io>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Satoshilabs secret shared private key scheme
On Wed, Jan 17, 2018 at 3:28 PM, Russell O'Connor via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org> wrote:
> it is impossible to break SSS.
Obligatory repeated point: if the scheme being used actually is SSS
and not a Shamir-Shaped-Sharing instead. This should go without
mention but my experience is that a great many things which claim to be
SSS aren't. Sometimes precisely because they stuck in some hashes in
arbitrary places and destroyed the properties (in fact, the really old
broken Armory implementation effectively did that, and in fact
resulted in a real weakness not just a theoretical one).
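
An added illustration of the point in the message above. It is not part of the original email and not a reconstruction of the Armory code, whose details the message does not give. It contrasts Shamir's scheme with a hypothetical "Shamir-shaped" variant that derives the polynomial coefficients by hashing the secret, and counts how many secrets remain possible for someone holding one share fewer than the threshold. The toy field size, the derivation rule and all function names are assumptions made for the example.

```python
import hashlib
import secrets

P = 65537   # toy prime field (constructed) so every candidate secret can be enumerated
T = 3       # threshold: 3 shares are meant to be required

def evaluate(coeffs, x):
    """Horner evaluation mod P; coeffs[0] is the secret."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % P
    return y

def random_coeffs(secret):
    """Shamir's scheme: higher coefficients are uniform and independent of the secret."""
    return [secret] + [secrets.randbelow(P) for _ in range(T - 1)]

def hashed_coeffs(secret):
    """Hypothetical 'Shamir-shaped' variant: coefficients are hashes of the secret."""
    out = [secret]
    for i in range(1, T):
        digest = hashlib.sha256(bytes([i]) + secret.to_bytes(4, "big")).digest()
        out.append(int.from_bytes(digest, "big") % P)
    return out

def split(secret, derive, xs=(1, 2)):
    """Hand out T-1 shares, one fewer than the threshold."""
    coeffs = derive(secret)
    return [(x, evaluate(coeffs, x)) for x in xs]

def candidates_hashed(shares):
    """Secrets whose hash-derived polynomial reproduces every known share."""
    return [s for s in range(P)
            if all(evaluate(hashed_coeffs(s), x) == y for x, y in shares)]

def candidates_random(shares):
    """Count secrets for which some degree-(T-1) polynomial fits the two known shares."""
    (x1, y1), (x2, y2) = shares
    det_inv = pow(x1 * x2 * (x2 - x1) % P, -1, P)   # nonzero for distinct nonzero x
    found = 0
    for s in range(P):
        r1, r2 = (y1 - s) % P, (y2 - s) % P
        a1 = (r1 * x2 * x2 - r2 * x1 * x1) * det_inv % P   # Cramer's rule
        a2 = (x1 * r2 - x2 * r1) * det_inv % P
        if evaluate([s, a1, a2], x1) == y1 and evaluate([s, a1, a2], x2) == y2:
            found += 1
    return found
```

With random coefficients every one of the P secrets stays equally consistent with T-1 shares, which is the information-theoretic guarantee. With hash-derived coefficients the shares become a test that a guessed secret either passes or fails, so secrecy then rests on the entropy of the secret alone.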