Shamir Secret Sharing in OpenSSL?

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Shamir Secret Sharing in OpenSSL?

Rafael Cividanes
  Hi,

   I'm looking for a secure implementation of Shamir Secret Sharing
algorithm in OpenSSL Project. I coudn't find anything in the page
(www.openssl.org).
   Is there any free implementation like that of Shamir's algorithm?

   Thanks in advance,

  Rafael Cividanes.
 

--
Rafael Cividanes
Instituto Tecnológico de Aeronáutica - ITA
Divisão de Ciência da Computação - IEC
Pça. Mal.Eduardo Gomes, 50 Vila das Acácias
CTA-ITA-IEP    12.228-900 São José dos Campos,SP
Prédio da Guerra Eletrônica - Sala 235
Tel 12-39476891
E-mail: [hidden email]



       
       
               
_______________________________________________________
Yahoo! Acesso Grátis - Internet rápida e grátis.
Instale o discador agora! http://br.acesso.yahoo.com/
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Shamir Secret Sharing in OpenSSL?

Richard Levitte - VMS Whacker
Rafael Cividanes writes:

>  Hi,
>
>   I'm looking for a secure implementation of Shamir Secret Sharing
> algorithm in OpenSSL Project. I coudn't find anything in the page
> (www.openssl.org).
>   Is there any free implementation like that of Shamir's algorithm?

We did talk about it a few years ago.  However, when I thought about it, I
was disturbed by the fact that you have to put together the secret, THEN
decipher whatever you need to decipher.  In a distributed or otherwise
potentially hostile environment, it means that someone will get the secret,
and then, the sharing scheme is moot.

There was some further talk about a scheme where the message could be
partially deciphered with each secret share.  I don't remember all the
details, and the documents I had disappeared in a disk crash (yeah, I'm much
better at keeping backups these days :-)).

Anyway, that's how far we got...

Cheers,
Richard

 -----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                       http://richard.levitte.org/ 

"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
                                               -- C.S. Lewis

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Shamir Secret Sharing in OpenSSL?

Rafael Cividanes
Richard Levitte wrote:

> Rafael Cividanes writes:
>
>>  Hi,
>>   I'm looking for a secure implementation of Shamir Secret Sharing
>> algorithm in OpenSSL Project. I coudn't find anything in the page
>> (www.openssl.org).
>>   Is there any free implementation like that of Shamir's algorithm?
>
>
> We did talk about it a few years ago.  However, when I thought about
> it, I was disturbed by the fact that you have to put together the
> secret, THEN decipher whatever you need to decipher.  In a distributed
> or otherwise potentially hostile environment, it means that someone
> will get the secret, and then, the sharing scheme is moot.
> There was some further talk about a scheme where the message could be
> partially deciphered with each secret share.  I don't remember all the
> details, and the documents I had disappeared in a disk crash (yeah,
> I'm much better at keeping backups these days :-)).
> Anyway, that's how far we got...
> Cheers,
> Richard
> -----
> Please consider sponsoring my work on free software.
> See http://www.free.lp.se/sponsoring.html for details.

    I was looking this discussion you have mentioned. But for my
application I just need a free secure implementation of Shamir's Secret
Sharing algorithm. Then I'd like to know if any implementaion like that
(free) exists in OpenSSL project or in another one.

   Thanks in advance,

    Rafael Cividanes.

--
Rafael Cividanes
Instituto Tecnológico de Aeronáutica - ITA
Divisão de Ciência da Computação - IEC
Pça. Mal.Eduardo Gomes, 50 Vila das Acácias
CTA-ITA-IEP    12.228-900 São José dos Campos,SP
Prédio da Guerra Eletrônica - Sala 235
Tel 12-39476891
E-mail: [hidden email]



       
       
               
_______________________________________________________
Yahoo! Acesso Gr�tis - Internet r�pida e gr�tis.
Instale o discador agora! http://br.acesso.yahoo.com/
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Shamir Secret Sharing in OpenSSL?

Vadym Fedyukovych
In reply to this post by Richard Levitte - VMS Whacker
Richard Levitte wrote:

> Rafael Cividanes writes:
>
>>  Hi,
>>   I'm looking for a secure implementation of Shamir Secret Sharing
>> algorithm in OpenSSL Project. I coudn't find anything in the page
>> (www.openssl.org).
>>   Is there any free implementation like that of Shamir's algorithm?
>
>
> We did talk about it a few years ago.  However, when I thought about it,
> I was disturbed by the fact that you have to put together the secret,
> THEN decipher whatever you need to decipher.  In a distributed or
> otherwise potentially hostile environment, it means that someone will
> get the secret, and then, the sharing scheme is moot.

Well, it's the straightforward way to use Shamir technique.
Maybe not the most useful for handling private key shares.

It's easy to use Shamir scheme for ElGamal private key
resulting in decryption by a quorum of key share holders
without giving any one power to decrypt.

The same apply for RSA. However, generating private key in shares
is a bit tricky for this scheme

> There was some further talk about a scheme where the message could be
> partially deciphered with each secret share.  I don't remember all the
> details, and the documents I had disappeared in a disk crash (yeah, I'm
> much better at keeping backups these days :-)).

http://www.mail-archive.com/openssl-users@.../msg26707.html
http://www.mail-archive.com/openssl-users@.../msg26787.html
http://www.mail-archive.com/openssl-users@.../msg26702.html

> Anyway, that's how far we got...
> Cheers,
> Richard
> -----
> Please consider sponsoring my work on free software.
> See http://www.free.lp.se/sponsoring.html for details.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Shamir Secret Sharing in OpenSSL?

Richard Levitte - VMS Whacker
In reply to this post by Rafael Cividanes
In message <[hidden email]> on Wed, 06 Jul 2005 12:00:24 -0300, Rafael Cividanes <[hidden email]> said:

rafacividanes>     I was looking this discussion you have
rafacividanes> mentioned. But for my application I just need a free
rafacividanes> secure implementation of Shamir's Secret Sharing
rafacividanes> algorithm. Then I'd like to know if any implementaion
rafacividanes> like that (free) exists in OpenSSL project or in
rafacividanes> another one.

OpenSSL doesn't have any secret sharing scheme yet.  The only free
implementation that I found while googling today was
http://www.buttsoft.com/~silly/software/tontine/

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]