Threshold Secret Sharing¶

Added in version 1.9.1.

Threshold secret sharing allows splitting a secret into N shares such that M (for specified M <= N) is sufficient to recover the secret, but an attacker with M - 1 shares cannot derive any information about the secret.

The implementation in Botan follows an expired Internet draft “draft-mcgrew-tss-03”. Several other implementations of this TSS format exist.

class RTSS_Share¶

static std::vector<RTSS_Share> split(uint8_t M, uint8_t N, const uint8_t secret[], uint16_t secret_len, const std::vector<uint8_t> &identifier, const std::string &hash_fn, RandomNumberGenerator &rng)¶

Split a secret. The identifier is an optional key identifier which may be up to 16 bytes long. Shorter identifiers are padded with zeros.

The hash function must be either “SHA-1”, “SHA-256”, or “None” to disable the checksum.

This will return a vector of length N, any M of these shares is sufficient to reconstruct the data.

static secure_vector<uint8_t> reconstruct(const std::vector<RTSS_Share> &shares)¶: Given a sufficient number of shares, reconstruct a secret.

RTSS_Share(const uint8_t data[], size_t len)¶: Read a TSS share as a sequence of bytes.

const secure_vector<uint8> &data() const¶: Return the data of this share.

uint8_t share_id() const¶: Return the share ID which will be in the range 1…255

Getting Started
Project Goals
Support Information
Building The Library
Semantic Versioning
Botan 2.x to 3.x Migration
OpenSSL 1.1 to Botan 3.x Migration
API Reference
Command Line Interface
Hardware Acceleration
Deprecated Features
Development Roadmap
Credits
ABI Stability
Notes for Distributors
Security Advisories
Side Channels
Developer Reference

Botan

Table of Contents

Search