Definition: a "(t, n) threshold system" is a method of taking a b-bit number, s, and producing n b-bit numbers with the property that someone who has access to t or more of those n numbers can reconstruct s, but someone who has access to less than t of the numbers can learn nothing about s. The n b-bit numbers are called "shares".
Suppose you use a (5,5) threshold system to make 5 shares of a secret, and you distribute those shares to 5 shareholders. Someone who wants to get your secret without your cooperation has to convince all 5 shareholders to cooperate (or steal copies of the shares from all 5 of them).
If that does not provide a sufficient level of protection, you could instead go with a (6,6) or (7,7) or higher threshold system. The higher you go, the less likely it is that a bad actor will be able to get copies of all the shares.
A drawback of that approach is that if just one shareholder loses their share, the secret is not recoverable. That can be addressed by increasing n more than t. Instead of say, a (7,7) threshold system maybe you use a (7,10).
That's the basic idea. You set t high enough that the chances that a bad actor, even a powerful one, could subvert t different shareholders is low enough for you, and you set n above t a bit to allow for some shareholders losing their shares or being unavailable if the time ever comes when the shareholders decide that there is a legitimate reason to recover your secret.
Going beyond the basic idea, you can add a second level. You take your secret, and make, say, 4 shares using a (4,4) system. Let's call these "level 1 shares". Instead of giving the level 1 shares to shareholders, we can take each level 1 share, use a separate threshold system to make shares of the level 1 share, which we call "level 2 shares", and distribute the level 2 shares to shareholders.
What this does is let us make different categories of shareholders, with different weights.
So we might make 4 level 1 shares, using a (4,4) system. Call these s1, s2, s3, and s4. We thing might apply a (3,3) system to s1, and give the resulting shares to whatever agency or department or branch handles warrants in 3 separate foreign national governments.
s2 we apply a (3,6) system to, and given those 6 shares to 6 non-government civil rights organizations.
s3 we apply a (3,6) system to, and give those to 6 individuals that we trust.
s4 we apply a (2,3) system to, and give those to three commercial entities that offer shareholding as a service. We should pick entities in 3 different countries, separate from the countries we gave s1's shares to.
With that scheme, someone trying to get at our secret needs to get 3 foreign governments, 3 civil rights organizations, 3 people we trust, and 2 companies to all agree that giving up our secret is justified.
As with the single level approach you can bump the particular numbers up or down to decrease or increase the chances that someone can illegitimately get your secret.
Suppose you use a (5,5) threshold system to make 5 shares of a secret, and you distribute those shares to 5 shareholders. Someone who wants to get your secret without your cooperation has to convince all 5 shareholders to cooperate (or steal copies of the shares from all 5 of them).
If that does not provide a sufficient level of protection, you could instead go with a (6,6) or (7,7) or higher threshold system. The higher you go, the less likely it is that a bad actor will be able to get copies of all the shares.
A drawback of that approach is that if just one shareholder loses their share, the secret is not recoverable. That can be addressed by increasing n more than t. Instead of say, a (7,7) threshold system maybe you use a (7,10).
That's the basic idea. You set t high enough that the chances that a bad actor, even a powerful one, could subvert t different shareholders is low enough for you, and you set n above t a bit to allow for some shareholders losing their shares or being unavailable if the time ever comes when the shareholders decide that there is a legitimate reason to recover your secret.
Going beyond the basic idea, you can add a second level. You take your secret, and make, say, 4 shares using a (4,4) system. Let's call these "level 1 shares". Instead of giving the level 1 shares to shareholders, we can take each level 1 share, use a separate threshold system to make shares of the level 1 share, which we call "level 2 shares", and distribute the level 2 shares to shareholders.
What this does is let us make different categories of shareholders, with different weights.
So we might make 4 level 1 shares, using a (4,4) system. Call these s1, s2, s3, and s4. We thing might apply a (3,3) system to s1, and give the resulting shares to whatever agency or department or branch handles warrants in 3 separate foreign national governments.
s2 we apply a (3,6) system to, and given those 6 shares to 6 non-government civil rights organizations.
s3 we apply a (3,6) system to, and give those to 6 individuals that we trust.
s4 we apply a (2,3) system to, and give those to three commercial entities that offer shareholding as a service. We should pick entities in 3 different countries, separate from the countries we gave s1's shares to.
With that scheme, someone trying to get at our secret needs to get 3 foreign governments, 3 civil rights organizations, 3 people we trust, and 2 companies to all agree that giving up our secret is justified.
As with the single level approach you can bump the particular numbers up or down to decrease or increase the chances that someone can illegitimately get your secret.