.Dd April 15, 1997
.Dt SECRETSPLIT 1
.Os NetBSD 1.2BETA
.Sh NAME
.Nm secretsplit
.Nd secret-splitting program
.Sh SYNOPSIS
.Nm
.Fl s
.Op Fl i
.Op Fl I
.Op Fl v Ns Op Cm v...
.Ar secret
.Ar modulus
.Ar totalparts
.Ar minparts
.br
.Nm
.Fl m
.Op Fl b Ns Ar N
.Op Fl x
.Op Fl v Ns Op Cm v...
.Ar part ...
.Sh DESCRIPTION
.Nm
implements secret-splitting.
.Pp
In its first form, with
.Fl s ,
.Nm
splits
.Ar secret
into
.Ar totalparts
parts, of which any
.Ar minparts
will suffice to reconstruct the secret.
.Ar modulus
must be a prime larger than
.Ar secret ;
see
.Xr bigprime 1 .
The resulting parts are output, one per line, in a format private to
.\" Why doesn't ".Nm ;" work right?
.Nm secretsplit ;
all that is promised about this format is that the only characters
that will appear in a part are digits and lowercase letters.
The arguments are simply numbers; by default they are in decimal, but
a leading
.Li 0x
or
.Li 0X
will indicate hexadecimal, and a leading
.Li 0
will indicate octal.
Other bases can be used as well by prefixing the base, expressed in
decimal, surrounded by colons, to the number; bases can range from 2
through 36.
For example, all of these specify the same number:
.Bd -literal
011145401322
1234567890
0x499602d2
:23:87ifcgi
:36:kf12oi
.Ed
.Nm
needs to generate random numbers; it obtains the necessary entropy by
running various system utilities, such as
.Xr ps 1
and
.Xr netstat 1 ;
if
.Fl i
is given, it also reads its standard input to EOF and uses that as
additional random-number seed data.
If
.Fl I
is given, standard input is read and the other sources are ignored.
This is emphatically not recommended; the option exists for people who
have a relatively high-bandwidth source of strong random bits and
don't want to (or can't) wait for the normal randomness-gathering
process.
.Pp
The second form, with
.Fl m ,
is used to reconstruct the secret.
One or more
.Ar part Ns s
must be given on the command line;
.Nm
will reconstruct the secret that was given when the parts were
generated, if enough parts are provided.
If more parts are given than are needed,
.Nm
will check that all the parts match.
If too few parts are given,
.Nm
cannot reconstruct the secret, and will print a message saying so.
In any case, some consistency checks are possible, such as checking
that all parts given were generated with identical
.Ar modulus
values; these are always done, and if they fail, an error is produced
and nothing further is done no matter how many parts are given.
.Pp
When reconstructing a secret, by default, the recovered secret is
output in decimal.
Specifying
.Fl b Ns Ar N
produces output in base
.Ar N
instead;
.Fl x
is an abbreviation for
.Fl b Ns Ar 16 .
.Pp
If both
.Fl s
and
.Fl m
are given, operation is controlled by whichever one appears last on
the command line.
.Pp
The
.Fl v
option makes
.Nm
verbose, producing messages on stderr describing its progress.
Multiple
.Fl v
options increase the level of chattiness.
.Sh BUGS
When splitting, if
.Ar modulus
is not a prime, the resulting parts may be useless; it will not
necessarily be possible to uniquely reconstruct the secret from the
generated parts.
.Nm
does not check for this condition, since it is relatively expensive to
do so.
.Sh AUTHOR
der Mouse,
.Aq mouse@rodents.montreal.qc.ca .
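.Sh EXAMPLES
The following Python sketch is an added example, not code from this page or from the secretsplit sources; it shows the behaviour described for the split and merge modes (any minparts of totalparts parts reconstruct the secret, extra parts are cross-checked, too few parts are refused) and why a non-prime modulus can make parts useless.
It assumes Shamir's polynomial threshold scheme over the integers mod the modulus, which this page does not name as the algorithm; the function names, the (x, y) tuples used as parts, and the x-coordinates 1 through totalparts are hypothetical and are not the program's private part format.
.Bd -literal
```python
import secrets

def split(secret, modulus, totalparts, minparts):
    """Return totalparts points (x, y) on a random polynomial whose constant term is secret."""
    if not 0 <= secret < modulus:
        raise ValueError("modulus must be larger than secret")
    if not 1 <= minparts <= totalparts < modulus:
        raise ValueError("need 1 <= minparts <= totalparts < modulus")
    # Degree minparts-1: fewer than minparts points leave the constant term undetermined.
    coeffs = [secret] + [secrets.randbelow(modulus) for _ in range(minparts - 1)]

    def f(x):
        y = 0
        for c in reversed(coeffs):          # Horner evaluation mod modulus
            y = (y * x + c) % modulus
        return y

    return [(x, f(x)) for x in range(1, totalparts + 1)]

def interpolate(points, x0, modulus):
    """Lagrange-interpolate the points and evaluate the polynomial at x0."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x0 - xj) % modulus
                den = den * (xi - xj) % modulus
        # pow(den, -1, m) raises ValueError when den has no inverse mod m,
        # which can happen only if m is not prime (or two parts share an x).
        total = (total + yi * num * pow(den, -1, modulus)) % modulus
    return total

def merge(points, minparts, modulus):
    """Reconstruct the secret from at least minparts points; verify any extras."""
    if len(points) < minparts:
        raise ValueError("too few parts to reconstruct the secret")
    base, extra = points[:minparts], points[minparts:]
    for x, y in extra:                      # surplus parts must lie on the same polynomial
        if interpolate(base, x, modulus) != y:
            raise ValueError("parts do not match")
    return interpolate(base, 0, modulus)    # the secret is the value at x = 0

if __name__ == "__main__":
    p = 2**31 - 1                           # a prime larger than the sample secret
    parts = split(1234567890, p, 5, 3)      # constructed sample input
    print(merge(parts[1:4], 3, p))          # any 3 of the 5 parts recover the secret
```
.Ed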