Richard,

I did some work on a project a while back that might be relevant to your 
search:

http://crypto.stanford.edu/~dabo/ITTC/

The basic idea was that an RSA key was broken up into shares, and each 
share could participate in a private-key decryption/signing operation 
without having to reveal it to anyone.  Instead, each participant 
received the message to be handled, processed it with her own share, and 
the results were combined to obtain the result.

The work was done with OpenSSL, and used PEM files to store the shares.

Tom

Richard Levitte - VMS Whacker wrote:
> In message <[EMAIL PROTECTED]> on Fri, 5 Jul 2002 18:45:12 +0300, 
>Vadim Fedukovich <[EMAIL PROTECTED]> said:
> 
> vf> see a program attached for details. It handles numbers of 1024 bit range
> vf> doing Shamir secret sharing.
> 
> Secret sharing is something I've been pondering implementing in
> OpenSSL for a while now, on and off.  Too bad your snippet of code is
> licensed under the GPL, that makes it unusable to be included in
> OpenSSL, if you'd be inclined that way.
> 
> Anyhow, I'm not going to discuss licenses, that's not the purpose of
> this letter.  Instead, I'd like to discuss protocol and usability.
> 
> Shamir's method is beautiful and really easy to understand with a
> certain minimum of mathematical knowledge.  However, it doesn't give
> any hint on how to protect the shares (understandably, of course).
> To use it as a part of OpenSSL, and especially as part of the openssl
> application (as well as other applications based on OpenSSL), one
> needs to collect the shares in one place, one way or the other.
> 
> I'm imagining the following scenario:
> 
> - We implement the shared secret PEM file, with the identity "SHAMIR
>   SHARED SECRET", which would contain an ASN.1 blob (for which we'd
>   need to define a module) containing the prime p (assuming we use
>   modular arithmetics for the calculations), the small number x (the x
>   coordinate of the point that is your share) and the share itself.
>   This would then be protected the same way we currently protect
>   private keys.  This part is actually rather easy.
> 
> - I get involved in a sensitive project where shared secrets are used
>   for protection.  The implementation I see right now is that each
>   participant inserts his or her diskette, tells the software what the
>   name of the file on that diskette is and gives a password when
>   prompted for it...
> 
> The last part is somewhat of a problem, security-wise.  I mean, when I
> play with my own software, use my own private key protected
> appropriately, running on my laptop that isn't connected to anything
> and that has been checked for trojans, viruses and whatever, I feel
> rather safe signing some document, removing the diskette and
> reconnecting to the net in some fashion (no, I don't usually do things
> in quite such a paranoid fashion.  My laptop is secure enough and
> checked enough for my use).  However, sticking that same diskette on
> another system and giving it a password, when I'm not entirely certain
> there's no stealth program listening to the keyboard input and
> secretly taking a backup of my diskette, isn't something I would do
> without a lot of guarantees, and then I would still be suspicious.
> 
> Is there any scheme that would make the use of shared secrets a bit
> safer, or will this simply come down to each participant's trust in
> the system where the shared secret is used?
> 
> For perfect safety (as closely as you can get to it), hardware devices
> like nCipher (who uses some kind of shared secret for the admin cards
> in the nForce boxes, I believe) are of course the option.  However, I
> don't have the funds for that, and I'd really like to know of any
> software variant that is as close to safe as I'd like.
> 
> Anyone?  URLs are perfectly fine as pointers :-).
> 


-- 
Tom Wu
Principal Software Engineer
Arcot Systems
(408) 969-6124
"The Borg?  Sounds Swedish..."

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
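
The share-based signing described in the reply above, as an added example that is not part of the original thread and is not the ITTC project's code. It assumes a simplified all-parties additive split of the private exponent, constructed toy primes, raw RSA without padding, and hypothetical function names.

```python
import secrets

# Constructed toy parameters (Mersenne primes); real keys use random large primes.
P, Q = 2**61 - 1, 2**89 - 1
N, PHI, E = P * Q, (P - 1) * (Q - 1), 65537
D = pow(E, -1, PHI)  # private exponent, known only to the dealer at setup


def split_exponent(d, phi, parties):
    """Dealer: split d into additive shares with sum(shares) == d (mod phi)."""
    shares = [secrets.randbelow(phi) for _ in range(parties - 1)]
    shares.append((d - sum(shares)) % phi)
    return shares


def partial_sign(m, share, n):
    """Participant: runs on her own machine; only this result leaves it."""
    return pow(m, share, n)


def combine(partials, n):
    """Combiner: multiplies the partial results and never sees any share."""
    sig = 1
    for s in partials:
        sig = (sig * s) % n
    return sig


def verify(m, sig, e, n):
    """Ordinary RSA verification with the public key (e, n)."""
    return pow(sig, e, n) == m % n


def demo():
    """Sign a constructed message with 3 shares, then with one share missing."""
    m = int.from_bytes(b"constructed message", "big") % N
    shares = split_exponent(D, PHI, 3)
    partials = [partial_sign(m, s, N) for s in shares]
    return m, combine(partials, N), combine(partials[:-1], N)


if __name__ == "__main__":
    m, full, missing_one = demo()
    print("all 3 partials verify:", verify(m, full, E, N))
    print("only 2 partials verify:", verify(m, missing_one, E, N))
```

Because each share is used only where its holder runs `partial_sign`, no machine ever holds all the shares at once, which is the property the quoted diskette scenario lacks.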
