Encrypt a file into N files, but require at least M of them to decrypt?
I think this technique may have a name, but I can't remember it to google it.
What methods are there to encrypt a file (or password, etc.) into N files, of which any M (less than N) can be used to recover the complete original file, but any fewer than M are completely useless (say on an order equivalent to cracking 1024-bit AES).
e.g. I encrypt all the company's passwords into N files, giving N company executives each 1 file. Any N-M executives can die with me in a fiery plane crash, and the remaining M can still recover all the passwords necessary to continue the business. But M-1 executives can't go rogue and secretly sell all the company's secret data to the competition.
Comments (3)
The class of algorithm you're after is called a Secret Sharing Scheme, and the most widely implemented example is Shamir's Secret Sharing Scheme.
Generally, what is done is to generate a random key for a symmetric cipher, like AES; encrypt the plaintext with that random key; then split the random key into N shares using the secret sharing scheme. The ciphertext then does not have to be kept secret; only the key shares.
Splitting the encrypted data isn't something I've heard about before, but sharing key data using a Secret Sharing scheme could be what you're after.
the solution for this is simple:
all data is symmetrically encrypted and stored in a common place (with backups for fiery plane crashes in datacenters) and the symmetric key is then encrypted and stored multiple times ... you could use some Diffie-Hellman group keys to encrypt the key for X different groups where X is the binomial coefficient N over T where N is the number of (n)eeded shareholders and T is the (t)otal number of shareholders (or if you don't want group keys, order the public keys of each group's shareholders in a recoverable manner, and go through a chain of encryptions)
store the encrypted keys together with the data, destroy the original symmetric key and hand out the private keys to all shareholders
(of course it would be more secure to have each shareholder generate his/her own keypair, and eventually go through the group exchange protocol to generate the group key, but those guys in the suits usually don't understand things like this ... ;-)