Chapter 2 Algorithm Info Types 17
AI_BSSecretSharing
Purpose:
This AI allows you to split a highly sensitive secret, such as a private key, into several
“shares”, which can be reassembled to recreate the original secret. The secret can only
be recreated if at least a “threshold” number of shares are present. For example,
the secret can be divided into five shares. If the threshold is three, any three of them
can be used to reconstruct the secret.
Type of information this allows you to use:
the Bloom-Shamir secret sharing algorithm as defined in “Generalized Linear
Threshold Scheme” by S.C. Kothari, Proceedings of CRYPTO 84.
Format of info supplied to B_SetAlgorithmInfo:
pointer to a B_SECRET_SHARING_PARAMS structure:
typedef struct {
  unsigned int threshold; /* share threshold */
} B_SECRET_SHARING_PARAMS;
The threshold is the minimum number of shares required to recover the secret key; it
has a minimum value of 2 and maximum of 255.
Format of info returned by B_GetAlgorithmInfo:
pointer to a B_SECRET_SHARING_PARAMS structure (see above).
Crypto-C procedures to use with algorithm object:
B_EncryptInit, B_EncryptUpdate, B_EncryptFinal, B_DecryptInit,
B_DecryptUpdate, and B_DecryptFinal.
B_EncryptUpdate must be called a minimum of threshold times. Each time, the secret
being split must be supplied as the input and one new share is returned as the output.
B_EncryptFinal returns a status of BE_OUTPUT_COUNT if the number of calls to
B_EncryptUpdate is less than the threshold. B_EncryptFinal supplies no output.
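The threshold behaviour described above, shown as an added example that is not Crypto-C code: it uses byte-wise Shamir polynomial sharing over GF(2^8) as a stand-in and does not reproduce the Bloom-Shamir construction or share format of AI_BSSecretSharing. The names ss_make_share and ss_recover, the field polynomial 0x11b, the share index x and the caller-supplied coefficient buffer are assumptions; like B_EncryptUpdate, ss_make_share yields one share per call.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Multiply in GF(2^8) modulo x^8+x^4+x^3+x+1 (0x11b, an assumed field). */
static uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint8_t p = 0;
    for (; b; b >>= 1) {
        if (b & 1) p ^= a;
        a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1b : 0));
    }
    return p;
}

/* Inverse of a nonzero element: a^254 = a^-1 in GF(2^8). */
static uint8_t gf_inv(uint8_t a) {
    uint8_t r = 1;
    for (int i = 0; i < 254; i++) r = gf_mul(r, a);
    return r;
}

/* One share per call (hypothetical helper). coef holds (t-1)*len bytes drawn
 * once from a CSPRNG and reused for every share of this secret; x is the
 * share's index, 1..255, and must differ between shares. */
int ss_make_share(const uint8_t *secret, size_t len, const uint8_t *coef,
                  unsigned t, uint8_t x, uint8_t *share) {
    if (t < 2 || t > 255 || x == 0) return -1;
    for (size_t i = 0; i < len; i++) {
        uint8_t y = 0;
        for (unsigned j = t - 1; j >= 1; j--)   /* Horner's rule */
            y = gf_mul((uint8_t)(y ^ coef[(j - 1) * len + i]), x);
        share[i] = (uint8_t)(y ^ secret[i]);    /* constant term is the secret */
    }
    return 0;
}

/* Lagrange interpolation at 0 over k shares stored back to back in shares
 * (k*len bytes); xs[] holds their distinct, nonzero indices. */
void ss_recover(const uint8_t *shares, const uint8_t *xs, unsigned k,
                size_t len, uint8_t *out) {
    memset(out, 0, len);
    for (unsigned a = 0; a < k; a++) {
        uint8_t w = 1;   /* product over b != a of x_b / (x_a ^ x_b) */
        for (unsigned b = 0; b < k; b++)
            if (b != a)
                w = gf_mul(w, gf_mul(xs[b], gf_inv((uint8_t)(xs[a] ^ xs[b]))));
        for (size_t i = 0; i < len; i++) out[i] ^= gf_mul(w, shares[a * len + i]);
    }
}
```

With a threshold of three and five shares, any three shares passed to ss_recover return the secret, while interpolating over only two of them returns unrelated bytes.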