You seem to want any one user from the set of share holders to be able to
decrypt, but still have a single public key. However do you care if share
holders can compute each other's shares? Bear in mind you can't revoke
shares without changing the public key. If you're not trying to hide shares
from other share holders (shares are just random numbers and not worth
protecting in themselves), what about having the share holders sharing the
private key?
Adam
On Mon, May 14, 2001 at 08:13:56PM -0300, Rafael Coninck Teigao wrote:
> The problem to use RSA is that I need everyone, but the person
> decrypting, to use their keys to create the cyphertext. Correct me if I'm
> wrong.
> What I'm looking for is sort of this: there is a public key that can be
> used to create the cyphertext (only one public key) and a set of private keys
> that can be used alone to get the cleartext from this cyphertext.
