Secret sharing schemes comprise a cryptographic tool for implementing secure distributed protocols. They allow a secret to be split into a number of randomly produced pieces, or shares, and their distribution to corresponding entities during a secret sharing phase, such that this split secret may become again available, during a secret reconstruction phase, only by combining a number of these shares that satisfy some well-defined conditions.
In certain settings it is useful that one or more of the shares are chosen according to some external criteria (e.g., independently of the secret being split or the secret sharing method itself). Thus, techniques have been proposed or suggested for extending secret sharing schemes to support sharing of secrets into shares so that one or more shares take on some predetermined fixed values and not arbitrary values that are randomly chosen during the secret sharing phase. For example, U.S. patent application Ser. No. 14/577,206, filed Dec. 19, 2014, entitled “Protection of a Secret on a Mobile Device Using a Secret-Splitting Technique with a Fixed User Share,” (Now U.S. Pat. No. 9,455,968), discloses the use of “fixed shares” for enabling flexible reconstruction policies of keys split using the well-known Shamir's sharing scheme that allow for the use of one or more user-defined shares (e.g., a password) during key reconstruction.
A need remains for improved secret sharing schemes that support selection of predetermined fixed shares without affecting the security of the underlying secret sharing schemes. Another need exists for improved secret sharing schemes that support selection of predetermined fixed shares as well as restrictions on the use of such predetermined fixed shares that improve the usability and/or the security of the underlying secret sharing schemes.