You are not logged in.
(n,n) Shamir secret sharing: We construct a polynomial of degree n-1, whose coefficients are uniformly random. Then we get some distinct x values. We give away x values . The secret is the constant term in this polynomial. n-1 share holders cannot obtain the secret but n shareholders can (as we gave away a pair (x,y) to each shareholders). They can do it with Lagrange interpolation.
***** What if we do not send out the X values and only send Y values. would the n shareholders be able to reconstruct a polynomial to obtain the secret?
In (n,n) Shamir secret sharing if the shareholders have all Y values but not X values, can they still construct the secret?
Hope it helps...
if not why? (sorry for keep asking "why" as I need a concrete proof.
Many thanks
How, why?
The ultimate goal is hiding the value of Xs and coefficient and giving away the value of Ys. Scenario:Assume we have a polynomial with uniformly random random coefficients chosen from Fp. We pick distinct random Xs values from same field and obtain n different Ys. Now we keep all coefficients and Xs and only give away Ys.
note:all operation are modulo arithmetic
1)My question is can anybody with this Y`s obtain constant term of the initial polynomial?
2)Furthermore, if we construct some more polynomials with different random coefficients. Then use the same X values as above to obtain Y values for each polynomials. Assuming that all polynomials have the same constant term, can anybody without the knowledge of Xs and coefficients obtain the constant term, by having only Ys ?
If not why?
Many thanks