主动秘密共享

SSS简介 (Intro to SSS)

Before we talk about Proactive Secret Sharing, we probably should briefly talk about Secret Sharing, in particular, we want to focus on Shamir Secret Sharing (SSS).

在谈论主动秘密共享之前，我们可能应该简要地讨论秘密共享，尤其是我们要关注Shamir秘密共享(SSS)。

The idea of SSS is relatively intuitive, a 2-degree polynomial requires 3 points to be exactly located. Likewise, an n-degree polynomial requires n+1 points to be exact. Let’s say for a 2-degree polynomial f(x), we can choose the secret to be the value in f(0) and we send f(1) to Alice, f(2) to Bob, f(3) to Carol, f(4) to Dave, etc.. We can share more points to more people but as long as we have three points, we will be able to recover the value of f(0).

SSS的想法是相对直观的，一个2多项式需要3个点才能精确定位。 同样，n次多项式需要精确的n + 1点。 假设对于2次多项式f(x) ，我们可以选择秘密作为f(0)的值，然后将f(1)发送给Alice，将f(2)发送给Bob，将f(3)发送给Carol ， f(4)到Dave等。我们可以与更多人共享更多点，但是只要我们有3个点，我们就可以恢复f(0)的值。

PSS呢？ (What about PSS?)

Ok, now we know what is SSS. What about PSS?

好的，现在我们知道什么是SSS。 PSS呢？

The concept of PSS is to allow key rotation (reshuffle the shares). Let’s say Alice’s computer gets compromised, (1) can Bob/Carol/Dave reshuffle their shares to render Alice’s share obsolete? (2) If Alice later buys a new computer, how can she join the group again?

PSS的概念是允许密钥旋转(重新分配共享)。 假设爱丽丝的计算机受到威胁，(1)鲍勃/卡罗尔/戴夫能否改组其股份以使其过时？ (2)如果爱丽丝后来买了一台新电脑，她又如何才能加入该团体？

Of course, we want to do it without the so-called trusted dealer. With a trusted dealer, obviously, Bob/Carol/Dave can send their keys to the dealer, the dealer reconstructs the secret, generate a new polynomial, and distribute new shares to Bob/Carol/Dave. The dealer can also send a new share to Alice when she has a new computer la