TechQA.

Implementation to protect a 2048-bit RSA private key using a secret sharing scheme

887 views Asked by At

I'm trying to protect a 2048-bit RSA private key (confidentiality & availability). I have been looking around for more information on how to do that and I'm thinking of using a secret sharing scheme (Shamir's Secret Sharing would be fine).

Is it the best option ? Does anyone know a GNU/GPL software implementation in order to accomplish this ?

I look at "ssss" (http://point-at-infinity.org/ssss/), but secret need to be at most 128 ASCII characters and it's too short for a 2048-bit RSA private key.

Thanks for your help.

encryption private-key shared-secret
Original Q&A
2

There are 2 answers

1
Iridium On

Just as with public-key cryptography, you occasionally need to use a hybrid scheme when the data exceeds a certain size - you can encrypt the private key using a normal symmetric algorithm with a random key, and then split the symmetric key using a secret-splitting algorithm of choice.

I believe that the implementation here: https://github.com/moserware/SecretSplitter uses this method to split data that exceeds the size limit of the underlying splitting algorithm.

0
jww On

Is it the best option ? Does anyone know a GNU/GPL software implementation in order to accomplish this ?

Crypto++ offers the functionality. But the license is Public Domain (individual source files) or Boost Software 1.0 (library as a whole). Its not GNU/GPL.

Here's the code to do it from Crypto++. It was taken from test.cpp:

Splitting

void SecretShareFile(int threshold, int nShares, const char *filename, const char *seed)
{
    RandomPool rng;
    rng.IncorporateEntropy((byte *)seed, strlen(seed));

    ChannelSwitch *channelSwitch;
    FileSource source(filename, false, new SecretSharing(rng,
        threshold, nShares, channelSwitch = new ChannelSwitch));

    vector_member_ptrs<FileSink> fileSinks(nShares);
    string channel;
    for (int i=0; i<nShares; i++)
    {
        char extension[5] = ".000";
        extension[1]='0'+byte(i/100);
        extension[2]='0'+byte((i/10)%10);
        extension[3]='0'+byte(i%10);
        fileSinks[i].reset(new FileSink((string(filename)+extension).c_str()));

        channel = WordToString<word32>(i);
        fileSinks[i]->Put((byte *)channel.data(), 4);
        channelSwitch->AddRoute(channel, *fileSinks[i], DEFAULT_CHANNEL);
    }

    source.PumpAll();
}

Combining

void SecretRecoverFile(int threshold, const char *outFilename, char *const *inFilenames)
{
    SecretRecovery recovery(threshold, new FileSink(outFilename));

    vector_member_ptrs<FileSource> fileSources(threshold);
    SecByteBlock channel(4);
    int i;
    for (i=0; i<threshold; i++)
    {
        fileSources[i].reset(new FileSource(inFilenames[i], false));
        fileSources[i]->Pump(4);
        fileSources[i]->Get(channel, 4);
        fileSources[i]->Attach(new ChannelSwitch(recovery, string((char *)channel.begin(), 4)));
    }

    while (fileSources[0]->Pump(256))
        for (i=1; i<threshold; i++)
            fileSources[i]->Pump(256);

    for (i=0; i<threshold; i++)
        fileSources[i]->PumpAll();
}

Related Questions in ENCRYPTION

Related Questions in PRIVATE-KEY

Related Questions in SHARED-SECRET

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions