AI_BSSecretSharing

Purpose:

This AI allows you to split a highly sensitive secret, such as a private key, into several “shares”, which can be reassembled to recreate the original secret. The secret can only be recreated if there are at least a “threshold” number of shares present. For example, the secret can be divided into five shares. If the threshold is three, any three of them can be used to reconstruct the secret.

Type of information this allows you to use:

the Bloom-Shamir secret sharing algorithm as defined in “Generalized Linear Threshold Scheme” by S.C. Kothari, Proceedings of CRYPTO 84.

Format of info supplied to B_SetAlgorithmInfo:

pointer to a B_SECRET_SHARING_PARAMS structure:

typedef struct {
  unsigned int threshold;                /* share threshold */
} B_SECRET_SHARING_PARAMS;

The threshold is the minimum number of shares required to recover the secret key; it has a minimum value of 2 and maximum of 255.

Format of info returned by B_GetAlgorithmInfo:

pointer to a B_SECRET_SHARING_PARAMS structure (see above).

Crypto-C procedures to use with algorithm object:

B_EncryptInit, B_EncryptUpdate, B_EncryptFinal, B_DecryptInit, B_DecryptUpdate, and B_DecryptFinal.

B_EncryptUpdate must be called a minimum of threshold times. Each time, the secret being split must be supplied as the input and one new share is returned as the output. B_EncryptFinal returns a status of BE_OUTPUT_COUNT if the number of calls to B_EncryptUpdate is less than the threshold. B_EncryptFinal supplies no output.
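The threshold behaviour described above, as an added illustration that is not part of the Crypto-C manual or RSA's code: a minimal Shamir-style polynomial scheme applied per byte over GF(2^8). The field, the share indices, the caller-supplied coefficient buffer and the names ss_make_share and ss_combine are assumptions; the share format Crypto-C actually produces is not shown on this page.

```c
#include <stddef.h>
#include <stdint.h>
/* Multiply in GF(2^8), reduction polynomial x^8+x^4+x^3+x+1 (assumed field). */
static uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint8_t p = 0;
    for (; b; b >>= 1) {
        if (b & 1) p ^= a;
        a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1b : 0));
    }
    return p;
}
static uint8_t gf_inv(uint8_t a) {  /* a^254, valid for a != 0 */
    uint8_t r = 1;
    for (int i = 0; i < 254; i++) r = gf_mul(r, a);
    return r;
}

/* Share number x (1..255): per secret byte, evaluate s + c1*x + ... + c(t-1)*x^(t-1).
 * coef holds len*(t-1) CSPRNG bytes, identical for every share of one split. */
int ss_make_share(uint8_t x, unsigned t, const uint8_t *secret, size_t len,
                  const uint8_t *coef, uint8_t *share) {
    if (x == 0 || t < 2 || t > 255) return -1;
    for (size_t i = 0; i < len; i++) {
        uint8_t y = 0;
        for (unsigned k = t - 1; k >= 1; k--)  /* Horner's rule */
            y = gf_mul((uint8_t)(y ^ coef[i * (t - 1) + k - 1]), x);
        share[i] = (uint8_t)(y ^ secret[i]);
    }
    return 0;
}

/* Lagrange interpolation at x = 0 over exactly t shares; xs[j] indexes shares[j]. */
int ss_combine(unsigned t, const uint8_t *xs, const uint8_t *const *shares,
               size_t len, uint8_t *secret) {
    if (t < 2 || t > 255) return -1;
    for (size_t i = 0; i < len; i++) secret[i] = 0;
    for (unsigned j = 0; j < t; j++) {
        uint8_t num = 1, den = 1;
        for (unsigned m = 0; m < t; m++) {
            if (m == j) continue;
            if (xs[m] == 0 || xs[m] == xs[j]) return -1;  /* zero or duplicate index */
            num = gf_mul(num, xs[m]);
            den = gf_mul(den, (uint8_t)(xs[m] ^ xs[j]));
        }
        uint8_t w = gf_mul(num, gf_inv(den));
        for (size_t i = 0; i < len; i++) secret[i] ^= gf_mul(w, shares[j][i]);
    }
    return 0;
}
```

Calling ss_make_share once per share index mirrors the one-share-per-B_EncryptUpdate pattern; combining fewer than threshold shares interpolates a lower-degree polynomial and yields an unrelated value rather than the secret.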

Chapter 2 Algorithm Info Types
