Author: Matt Whitlock 2014-04-04 18:53:41
Published on: 2014-04-04T18:53:41+00:00
In an email exchange on April 4, 2014, Gregory Maxwell suggested to Matt Whitlock that he should look at other secret sharing implementations that use GF(2^8), which end up being just a couple of dozen lines of code. He noted that they work efficiently for all sizes of data, and there are implementations in multiple languages. Whitlock had expressed concern about the complexity of his current implementation and indicated that he wanted something simple for dividing a private key into shares. Whitlock also asked if there was a use case for byte-wise operations rather than big-integer operations, but Maxwell argued that using GF(2^8) allows for efficient scaling to any size data without extra overhead or additional primes. He further suggested that it can be compactly implemented in Javascript and wouldn't be burdensome to implement on a device like a trezor or a real microcontroller. Maxwell also emphasized that the proposed approach is distinct from a threshold ECDSA key scheme and offers advantages that cannot be achieved with a threshold ECDSA compatible approach. Whitlock agreed to look into secret sharing in GF(2^8) but said it might take him a few days.
Updated on: 2023-06-08T16:59:35.719699+00:00