Sample BAT: CLAUS version 1

CLAUS (ColLaboratively Agreed User Secret), version 1, is an example of a secret-sharing BAT. It defines C functions for a user to generate a new public key and to compute a shared secret from another user's public key. It follows the eBATS secret-sharing API so that it is benchmarkable by the eBATS tools.

CLAUS is, cryptographically, a very simple form of the Diffie-Hellman secret-sharing system: it exponentiates modulo a fixed 1024-bit prime. CLAUS doesn't contain many lines of code: it relies on the popular OpenSSL cryptographic library to generate keys and to compute shared secrets. Other BAT implementors may find CLAUS useful as an illustration of the ease of writing BATs.

CLAUS++ is a similar BAT written in C++ rather than C.

Core files

The CLAUS package contains several files. One file, claus-1/sizes.h, states that there are 256 bytes in a secret key, 128 bytes in a public key, and 128 bytes in a shared secret:

     #define SECRETKEY_BYTES 256
     #define PUBLICKEY_BYTES 128
     #define SHAREDSECRET_BYTES 128

A single BAT can be parametrized and allow multiple key sizes; or it can be limited to a single key size, as illustrated by CLAUS.

Another file, claus-1/keypair.c, defines a keypair() function that generates a secret key and a public key:

     int keypair(
       unsigned char sk[SECRETKEY_BYTES],unsigned long long *sklen,
       unsigned char pk[PUBLICKEY_BYTES],unsigned long long *pklen
     )
     {
       ...
     }

At a lower level, claus-1/keypair.c includes claus-1/prime.h for access to a prime number defined in claus-1/prime.c; and it uses various OpenSSL functions. OpenSSL is automatically made available to all BATs.

Another file, claus-1/sharedsecret.c, defines a sharedsecret() function that generates a shared secret:

     int sharedsecret(
       unsigned char s[SHAREDSECRET_BYTES],unsigned long long *slen,
       const unsigned char sk[SECRETKEY_BYTES],const unsigned long long sklen,
       const unsigned char pk[PUBLICKEY_BYTES],const unsigned long long pklen
     )
     {
       ...
     }

There's no special naming convention for the .c files and .h files other than sizes.h. All of the C functions could have been defined in one file or spread among any number of files. All of these files are automatically compiled together by the eBATS benchmarking tools.

Add-on files

Another file, claus-1/extra.c, defines several optional functions that document extra features of CLAUS:

The copyrightclaims function returns 0 to indicate that there are no known copyright claims against distribution of CLAUS.
The patentclaims function returns 0 to indicate that there are no known patent claims against use of CLAUS.
The multiplekeycdhchance function reports the effectiveness of the best e-euro s-second k-key attack known, namely computing 1024-bit multiplicative-group discrete logarithms:
```
     double multiplekeycdhchance(double e,double s,double k)
     {
       return dlchance(1024,e,s,k);
     }
```
The underlying dlchance function is part of eBATS and didn't require any work by the CLAUS programmer.
The simplified cdhchance function reports the effectiveness of the best e-euro s-second single-key attack known.
The fakekeyattacks function returns 0 to indicate that providing fake public keys does not save time in attacks.

These features are recorded in the eBATS database along with the time/space benchmarks.

One last file, claus-1/documentation.pdf, contains references and other comments for cryptographers:

... CLAUS uses a very simple form of the Diffie-Hellman secret-sharing system. Each secret key a is used to generate a public key 2^a mod p ... Beware that the speed and security of CLAUS can be improved in many ways. ...

This file isn't used in any way by the benchmarking tools but it's still an important part of a BAT.

Version

This is version 2006.11.22 of the eBATS claus-1.html web page. This web page is in the public domain.