Shamir's Secret Sharing Scheme

An introduction to this privacy-preserving cryptographic technique and how Keyless is using it to transform the way we share and store private data across the internet.

Shamir’s Secret Sharing scheme is an important cryptographic algorithm that allows private information— “secrets” — to be distributed securely amongst an untrusted network.

It is one of the cryptographic techniques that Keyless uses to ensure that personal data is kept safe and secure — whether that’s biometric data, private keys or any other personal information that should not be made public.

To understand Shamir’s Secret Sharing, first it’s important to understand what secret sharing aims to achieve.

What is secret sharing?

In cryptography, secret sharing is a way to securely distribute fragments of important private information amongst a distributed network or group, making such schemes particularly useful for safeguarding highly sensitive information like private cryptographic keys or biometric data.

Secret sharing works by splitting private information into smaller pieces — or shares — and then distributing those shares amongst a group or network.

Each individual share is useless on its own but when all the shares are together, they reconstruct an original secret.

Imagine that you had one million dollars that you kept in a bank account, and in order to access this bank account you used the password: secret.

You could split it up and distribute a letter each to six trusted shareholders.

s_____, _e____, __c___, ___r__, ____e_, _____t

The only information that each shareholder would have is the letter that they hold, essentially making their individual shares useless.

Secret sharing schemes can also be hierarchical depending on how the shares are distributed. This allows the secret owner to distribute shares based on how much the shareholders are trusted.

Let’s say you wanted to safely store your private key that you used to access your cryptocurrency wallet.

Private keys are used to send cryptocurrency from one address to another. They consist of a sequence of random and unique numbers and are given to users at the time they open a wallet.

Firstly, you wouldn’t want to give anyone the entire sequence, so say you split the key into eight shares. Then you distribute copies of those shares between your closest friends and trusted family members.

You may give eight shares to each of your parents, who you trust without a doubt, four each to your brother and your sister, who you trust for the most part, and one each to eight of your friends, who you somewhat trust.

This hierarchical distribution scheme allows for secret owners to distribute shares based on how much they trust their shareholders.

But what about when there is zero trust between the secret owner and the shareholders?

In most schemes an added encryption layer is implemented to ensure additional privacy and security, allowing the shares to be distributed amongst a network or group that are unknown to the secret owner.

Let’s say that each shareholder only holds what seems to be random numbers:

19_____, _5____, __3___, ___18__, ____5_, _____20

With encryption, when all the separate shares (numbers) are together, they still require a decrypting key to reveal the secret (letters) that they represent in the alphabet.

This important step protects private information from organized attacks; even if all the shareholders were to collude to recreate the original secret, they wouldn’t be able to learn anything about that secret, as the original secret is encrypted.

Shamir’s Secret Sharing Scheme

One of the challenges of distributing shares is that they can often be lost or compromised. Shareholders can die, lose their shares or have them stolen. At other times, shareholders themselves turn rogue. When many different shares are distributed, it’s also impractical and inefficient to require all shares to reconstruct the secret.

Shamir’s Secret Sharing scheme is an algorithm that was first proposed in 1979 by the renowned Israeli cryptographer Adi Shamir. It allows for information to be broken into many shares, while only requiring a fraction of those shares to reconstruct the original secret.

This means that, instead of requiring all shares to reconstruct the original secret, Shamir’s scheme requires a minimum number of shares — this minimum is referred to as the threshold.

One of the benefits of Shamir’s algorithm is that it is flexible and extensible — meaning that the secret owner could add, amend or remove shares at any time if they wanted to, without modifying the original secret.

The threshold needs to be met in order to reconstruct the secret. With anything less than the threshold, the secret cannot be reconstructed, thus making Shamir’s Secret Sharing secure against an adversary — a malicious attacker — that has unlimited computational power; in cryptography this is what we call information-theoretically secure.

Information-theoretically secure simply means that not even an adversary with unlimited computational power would be able to break the encrypted secret.

For example:

Using the same example from earlier, say that the threshold to reveal the password is 3:

When three shares are presented:

19_____, _5____, __3___ = 19,5,3,18,5,20 = secret

When two shares are presented:

19_____, _5____ = 19_____, _5____

It’s important to note that with Shamir’s algorithm, shareholders never find out what the other encrypted shares of a secret are. Only the secret owner has access to the entire set of decrypted shares once the secret is reconstructed.

How Shamir’s Secret Sharing works

Shamir’s method for secret sharing relies on polynomial interpolation, which is an algebraic method of estimating unknown values in a gap between two known data points — without needing to know anything about what is on either side of those points.

We will go into further detail on polynomial interpolation in another blog piece, but for the purpose of explaining how SSS works, you can think of it like this:

SSS encodes a “secret” into a polynomial, then splits it into pieces and distributes them. It’s possible to use polynomial interpolation to efficiently reconstruct that secret without requiring every single share. Instead, only the threshold number of shares is needed, which provides enough points of data to correctly estimate the values between gaps in the encrypted shares.

Why Shamir’s Secret Sharing is essential to maintaining data privacy

Shamir’s Secret Sharing makes it possible for multiple parties who do not know each other to store private information. In Keyless’s case, this would be for securely storing user secrets — whether that’s personal information or private cryptographic keys — across our distributed network.

Because Shamir’s Secret Sharing scheme is information-theoretically secure, even an attacker with unlimited computational power cannot break the decrypted share to access the data without having enough shares to meet the threshold — or minimum number of shares.

When combined with other cryptographic techniques, like secure multiparty computation and zero-knowledge cryptography, SSS offers an extra layer of security, making data sharing and storage secure, private, and resilient to accidental data loss and external attacks.

How Keyless uses Shamir’s scheme to keep your biometric data private

Thanks to this algorithm, we can safely distribute secret data in a way that is efficient, secure and private. Instead of storing sensitive data on centralized servers, Keyless is able to split encrypted secrets into pieces, distributing those randomly to nodes across a zero-trust network.

Imagine that you write down a secret message on a piece of paper. The message that you wrote uses whole words to substitute letters, but only you know that. For example, PIG stands for P. You place the piece of paper into an envelope, and then seal it and cut it into twenty different pieces, and give those pieces out to random strangers at Shibuya crossing in Tokyo — the busiest pedestrian crossing in the world.

Since the encrypted data is split into ‘shares’ and randomly assigned to Keyless nodes, there is no longer a centralized storage system that adversaries — also known as hackers or bad players — can target.

Someone who wanted to find those pieces of the envelope and use them illegally, wouldn’t know where to start looking.

To reconstruct the message, a minimum number of shares need to be collected from nodes in our network. So in order to compromise the user’s “secrets”, someone would need to take over enough nodes in the network to acquire the minimum number of shares to meet the threshold.

Despite the odds, that person would need to find at least half of the people carrying different pieces of the envelope. They would then need to try to steal the pieces from these five strangers — who may have their own weapons to fight off the attacker.

The last line of defense is that the shares are encrypted, so even if an attacker compromises all the nodes of the network, it can’t decrypt the shares because they are encrypted with a key that is only stored within the user’s device.

Imagine the attacker finally managed to steal five of those pieces of the envelope you wrote your message in. Now, he can finally learn what the message is. However, when he goes to open the pieces, he finds a bunch of random words, and he is unable to make sense of it. The only person that knows how to decrypt the message is the person who created it — you.

The potential of secret sharing

As our physical and digital worlds continue to converge and blend together, SSS, combined with zero-knowledge encryption and secure multiparty computation, will most likely be used to decentralize risk across all industries, while enabling users to confidently share private data in a way that is secure and empowering.

Thinking beyond biometric authentication, Keyless is using SSS to build platforms that allow us to securely manage our private cryptographic keys online, as well as our entire digital identities. These technologies will help transform the way we interact with the internet and the world around us, giving unmatched power and control back to the user.

Translated from: https://medium.com/keylesstech/a-beginners-guide-to-shamir-s-secret-sharing-e864efbf3648
