Editing Secret sharing (section)

== "Secure" versus "insecure" secret sharing ==
A secure secret sharing scheme distributes shares so that anyone with fewer than ''t'' shares has no more information about the secret than someone with 0 shares.

Consider for example the secret sharing scheme in which the secret phrase "password" is divided into the shares "pa––––––", "––ss––––", "––––wo––", and "––––––rd". A person with 0 shares knows only that the password consists of eight letters, and thus would have to guess the password from 26<sup>8</sup> = 208 billion possible combinations. A person with one share, however, would have to guess only the six letters, from 26<sup>6</sup> = 308 million combinations, and so on as more persons collude. Consequently, this system is not a "secure" secret sharing scheme, because a player with fewer than ''t'' secret shares is able to reduce the problem of obtaining the inner secret without first needing to obtain all of the necessary shares.

In contrast, consider the secret sharing scheme where ''X'' is the secret to be shared, ''P<sub>i</sub>'' are public [[Public-key cryptography|asymmetric encryption]] keys and ''Q<sub>i</sub>'' their corresponding private keys. Each player ''J'' is provided with {{nowrap|{''P''<sub>1</sub>(''P''<sub>2</sub>(...(''P<sub>N</sub>''(''X'')))), ''Q<sub>j</sub>''}.}} In this scheme, any player with private key 1 can remove the outer layer of encryption, a player with keys 1 and 2 can remove the first and second layer, and so on. A player with fewer than ''N'' keys can never fully reach the secret ''X'' without first needing to decrypt a public-key-encrypted blob for which he does not have the corresponding private key – a problem that is currently believed to be computationally infeasible. Additionally we can see that any user with all ''N'' private keys is able to decrypt all of the outer layers to obtain ''X'', the secret, and consequently this system is a secure secret distribution system.