From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id A124E10F3 for ; Wed, 17 Jan 2018 15:36:26 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-vk0-f41.google.com (mail-vk0-f41.google.com [209.85.213.41]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 4044F14E for ; Wed, 17 Jan 2018 15:36:26 +0000 (UTC) Received: by mail-vk0-f41.google.com with SMTP id n132so857195vke.2 for ; Wed, 17 Jan 2018 07:36:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=+6b991UOB6GNtbekt+dGLNs1COM0cg5wbtVHONCKUnA=; b=YEyAu79FDDgVOleBgJkfs/LgjkoNTJUCP4qYXKVHVF5ueYYb1pkToNCE2KyUvRgUwy 2sSwPmwjwsNrFTY3mEny4oV+aWViLulZ8fmSS0zgDLPHLYjoS3VrNPwkq4QO6VONIuZh r5BJ59a170o6CijtiEyyDGuXnb7DjcFI9xdogWGnG4eo9SmMVfWC0ookuO0CFLoFQ2oJ mrl39Y5dvrt7SyAAQ+tublJU0lw0rLDSCLizrXlqf2kq5LJo3iQH4rDo+cAmXPFShFv3 0yV/Jhui0W0qWJT0RLveBwPuM+MHrXrOG/rbcx2aFdncItJT+mGc2VT40bqFx+0xZk0+ /A4g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=+6b991UOB6GNtbekt+dGLNs1COM0cg5wbtVHONCKUnA=; b=OyaetygRgkkf2FOM5A1mJ8/OTO2layJ4l4WuJPBRzZv+kL1xdg2NpQKFOy2GkZ2iwk AH+6W14963hpSdV4JqeW31zi41HXNSr1XfeCjJuxIJlCWxi8Z7NQkrkbqsuheadAEEgo emodIggyjP7MoUUt0dbJoOydMRJobtlRB94g0+QEJwENVrYLKMVdrJirQ7vw/zKlvj+D H7HU13sf8dbYoF9OMn//A9zcB05/yQRpjkfIG1OrUev9Z85z+XOSiMQYCm0X4rQiBVl8 ubf8/MrDiFsODISq/GBng26Pvi6kucWNWzfWcJJg370y0fQsSbPJVzV0fjgNz14WDRsM 7bwQ== X-Gm-Message-State: AKwxytcGOAd8RyXbTRUC7GBABcv2moCag1DF5BIOkOnay0MBwOPjuyna 6gn2EGeHs9bVyLKTWt0wAsGNzCOXJO8OlDmHS8Y= X-Google-Smtp-Source: ACJfBotGYWvn6+FJtMNHhI9UB51x+v5R7TLZRaHM0P5+YhZMRpgMR6JqCgeKDjTKrLdeg3eYrcWWGlcwJ4L6QGTm2u8= X-Received: by 10.31.82.194 with SMTP id g185mr2276588vkb.15.1516203385448; Wed, 17 Jan 2018 07:36:25 -0800 (PST) MIME-Version: 1.0 Sender: gmaxwell@gmail.com Received: by 10.103.85.152 with HTTP; Wed, 17 Jan 2018 07:36:25 -0800 (PST) In-Reply-To: References: <51280a45-f86b-3191-d55e-f34e880c1da8@satoshilabs.com> From: Gregory Maxwell Date: Wed, 17 Jan 2018 15:36:25 +0000 X-Google-Sender-Auth: OgPvhH_q1f2hGrYbV-u3QZUmdf4 Message-ID: To: "Russell O'Connor" , Bitcoin Protocol Discussion Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Satoshilabs secret shared private key scheme X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jan 2018 15:36:26 -0000 On Wed, Jan 17, 2018 at 3:28 PM, Russell O'Connor via bitcoin-dev wrote: > it is impossible to break SSS. Obligatory repeated point: if the scheme being used actually is SSS and not a Shamir-Shaped-Sharing instead. This should go without mention by my experience is that a great many things which claim to be SSS aren't. Sometimes precisely because they stuck in some hashes in arbitrary places and destroyed the properties (in fact, the really old broken armory implementation effectively did that, and in fact resulted in a real weakness not just a theoretical one).