Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

split knowledge

Abbreviation(s) and Synonym(s):

None

Definition(s):

  A process by which a cryptographic key is split into n key components, each of which provides no knowledge of the original key. The components can be subsequently combined to recreate the original cryptographic key. If knowledge of k (where k is less than or equal to n) components is required to construct the original key, then knowledge of any k – 1 key components provides no information about the original key other than, possibly, its length. Note that in this Recommendation, split knowledge is not intended to cover key shares, such as those used in threshold or multi-party signatures.
Source(s):
NIST SP 800-57 Part 1 Rev. 4 under Split knowledge

  1. Separation of data or information into two or more parts, each part constantly kept under control of separate authorized individuals or teams so that no one individual or team will know the whole data.
Source(s):
CNSSI 4009-2015

  2. A process by which a cryptographic key is split into multiple key components, individually sharing no knowledge of the original key, which can be subsequently input into, or output from, a cryptographic module by separate entities and combined to recreate the original cryptographic key.
Source(s):
CNSSI 4009-2015 (NIST SP 800-57 Part 1 Rev. 3 - Adapted)

  A process by which a cryptographic key is split into n multiple key components, individually providing no knowledge of the original key, which can be subsequently combined to recreate the original cryptographic key. If knowledge of k (where k is less than or equal to n) components is required to construct the original key, then knowledge of any k-1 key components provides no information about the original key other than, possibly, its length. Note that in this document, split knowledge is not intended to cover key shares, such as those used in threshold or multi-party signatures.
Source(s):
NIST SP 800-57 Part 1 Rev. 3 under Split knowledge [Superseded]