Skip to Main Content
In traditional secret sharing, a central trusted authority must divide a secret into multiple parts, called shares, such that the secret can only be recovered when a certain number of shares are available for reconstruction , . In this paper, we consider a secret sharing problem in which each share must be created separately by independent entities such that no collaboration or shared cryptographic keys are required; we call this the distributed keyless secret sharing problem. For this problem, general tradeoffs between compression and secrecy are characterized yielding the impossibility result that perfect secrecy is unachievable. In response to this impossibility, we define a practical measure of secrecy and design a low-cost solution based on this measure of secrecy.