Even if this was an accident, isn't it theoretically possible for one of the trustees to intentionally not provide the key to trigger the re-election? There's no guarantee that the people will vote the same. I see this as a kind of vulnerability.
I don't know if they used such a method, but it is possible to provide a proof for the key before it is actually useful.
E.g. everyone provides a hash for their key first, and the actual key a some seconds later, when all the hashes for the keys have arrived. Someone is 'cheating' by claiming key loss if s/he claims the s/he lost the key during that few seconds.
The opposite is interesting to think about - for a commonly used threshold cipher, could you craft your part to secretly force a chosen plaintext regardless of the other parts?
zerof1l|3 months ago
Even if this was an accident, isn't it theoretically possible for one of the trustees to intentionally not provide the key to trigger the re-election? There's no guarantee that the people will vote the same. I see this as a kind of vulnerability.
justincormack|3 months ago
bmacho|3 months ago
E.g. everyone provides a hash for their key first, and the actual key a some seconds later, when all the hashes for the keys have arrived. Someone is 'cheating' by claiming key loss if s/he claims the s/he lost the key during that few seconds.
alfiedotwtf|3 months ago
tptacek|3 months ago