How to create a shared hash from multiple passwords?

Question

How to create a shared hash from multiple passwords?

I have an application that generates a password hash of a user, which I then use to encrypt data. I want to extend this to the case where any 2 out of 5 users must authenticate the application before it has enough data to generate this hash.

The problem I am facing is that I need to generate an accurate hash, regardless of which of the two users are authenticated - since I only encrypt one hash.

My main goal is to make it as safe as possible, so if there are other ways to do the same, feel free to mention them. I will just change the code where necessary.

+3

security authentication passwords cryptography encryption

Belrog Aug 05 '09 at 8:49

source share

1 answer

Rasmus faber · Accepted Answer · 2009-08-05T09:01:24+0000

Create a random key, encrypt it using the keys received from each pair (password1, password2), (password1, password3), (password1, password4), (password1, password5), (password2, password3), etc. Then store each of these ten ciphers so that you can look right when you are given two random passwords.

Alternatively, instead of storing all of these pairs, use the (2.5) -second (fx Shamir's ) exchange scheme to split the random key, and then save each of the 5 secrets encrypted with the key received from each of the passwords.

How to create a shared hash from multiple passwords?

More articles: