In cryptography, a cryptosystem is called a "threshold cryptosystem", if in order to decrypt an encrypted message, several parties (more than some threshold number) must cooperate in the decryption protocol. The message is encrypted using a public key and the corresponding private key is shared among the participating parties. Let
Threshold versions of encryption schemes can be built for many public encryption schemes. The natural goal of such schemes is to be as secure as the original scheme. Such threshold versions have been defined for:
Application
The most common application is in the storage of secrets in multiple locations to prevent the capture of the ciphertext and the subsequent performance of cryptanalysis on that cyphertext. Most often the secrets that are "split" are the secret key material of a public key cryptography key pair or the ciphertext of stored password hashes.
Historically, only organizations with very valuable secrets, such as certificate authorities, militaries, and governments, would make use of the technology. However, in October 2012 after a number of large public website password ciphertext compromises, RSA Security announced that it would be releasing software that makes the technology available to the general public.