What alogrithm is used on the smart cards for the DNSSEC Trusted Community Representatives?

Question

I've been doing some reading about DNSSec and am interested in the algorithm that they chose to use when splitting the trusted key up between the 7 Trusted Community Representatives (TCR).

I unfortunately can't find any information about the algorithm itself anywhere.

Is it just an implementation of the Shamir Secret Sharing Algorithm, or is it using a different approach?

A little bit of information can be found here.

I found this video describing the process a bit more: http://dns.icann.org/ksk/ — Aidos, May 18 '12 at 11:19

score 2 · Accepted Answer · answered May 22 '12 at 15:26

The DNSSEC Practice Statement says in section 5.2.2 that they use secret sharing but does not specify an algorithm. However if you do some Google searches, people seem to assume it is indeed Shamir's Secret Sharing algorithm, including Bruce Schneier.

What alogrithm is used on the smart cards for the DNSSEC Trusted Community Representatives?

1 Answers1