Consider Shamir's Secret Sharing scheme with $n=5, t=3$ (i.e, there are 5 shares, and when we have 3 of them we can reconstruct our secret $s$). Let $f(x)$ be the dealing function, i.e the secret $s$ is defined as $s = f(0)$.
We assume that given 3 participants who gather together in order to reveal the secret, one of them wants to cheat in the manner of preventing the other 2 participants from revealing the secret. He doesn't care about the secret itself - he just want to sabotage the revealing of $s$.
I want to prove formally that neither of the 2 honest participants can detect who is the cheater.
My current lead is this: in the revealing process - using Lagrange's interpolation - each participant reveals his tuple $\left(x_i, f\left(x_i\right)\right)$ (where WLOG $\forall i : x_i \in \{1,2,3\}$), or perhaps just the unique function for that participant ($f_j(x) = y_j \cdot \prod_{1 \leq i \leq 3, i\neq j}\frac{x-x_i}{x_j - x_i}$ where eventually $\tilde{f}(x) = \sum_{j=1}^3 f_j(x)$ ) - but reconstructing this way only reveals a function $\tilde{f}(x)$ which they find out to be useless (when they try to use $\tilde{s}=\tilde{f}(0) \neq s$). It seems very intuitive that an honest participant cannot tell which $f_j(x)$ messed everything up, but I don't manage to write it formally. would appreciate some help... thanks.
