Secret Sharing

if ((status = B_EncryptInit (secretSplitter, (B_KEY_OBJ)NULL_PTR, (B_ALGORITHM_CHOOSER)NULL_PTR, (A_SURRENDER_CTX *)NULL_PTR)) != 0)

break;

Step 4: Update

Call B_EncryptUpdate once for each of the total number of shares. Each call to

B_EncryptUpdate produces a share. For each share, you must allocate a space that is one byte larger than the secret. A share is actually the same size as the secret, but Crypto-C also appends one byte containing the number of the share. (This is why Crypto-C limits the shares to 255; it is the largest integer one byte can represent.) Make sure you do not overwrite a previous share.

The input for each call to B_EncryptUpdate is the secret itself. You also need a random algorithm for the first call to B_EncryptUpdate. You can pass a random algorithm each time, however; Crypto-C simply ignores it on each successive call. Complete Steps 1 through 4 of “Generating Random Numbers” on page 165. You do not need random bytes, only an algorithm that can generate them. This function is not too time- consuming, so it is reasonable to pass a properly cast NULL_PTR for the surrender context.

To create four shares, you could use the following:

#define SECRET_SIZE 16 #define TOTAL_SHARES 4

static unsigned char secretKey[SECRET_SIZE] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10

};

unsigned char *secretShare[TOTAL_SHARES]; unsigned int secretShareLen[TOTAL_SHARES]; int count;

for (count = 0; count < TOTAL_SHARES; ++count) secretShare[count] = NULL_PTR;

C h a p t e r 8 S e c r e t S h a r i n g O p e r a t i o n s

3 0 7

Page 329
Image 329
RSA Security 5.2.2 manual Update, #define Secretsize 16 #define Totalshares