snipsco/rust-threshold-secret-sharing

Threshold Secret Sharing

Efficient pure-Rust library for MIT license (LICENSE-MIT or

Threshold Secret Sharing

Efficient pure-Rust library for secret sharing, offering efficient share generation and reconstruction for both traditional Shamir sharing and packet sharing. For now, secrets and shares are fixed as prime field elements represented by i64 values.

Installation

Cargo

GitHub

Examples

Several examples are included in the examples/ directory. Run each with cargo using e.g.

for the Shamir example below.

Shamir sharing

Using the Shamir scheme is relatively straight-forward.

When choosing parameters, threshold and share_count must be chosen to satisfy security requirements, and prime must be large enough to correctly encode the value to be shared (and such that prime >= share_count + 1).

When reconstructing the secret, indices must be explicitly provided to identify the shares; these correspond to the indices the shares had in the vector returned by share().

Packed sharing

If many secrets are to be secret shared, it may be beneficial to use the packed scheme where several secrets are packed into each share. While still very computational efficient, one downside is that the parameters are somewhat restricted.

Specifically, the parameters are split in scheme parameters and implementation parameters:

  • the former, like in Shamir sharing, determines the abstract properties of the scheme, yet now also with a secret_count specifying how many secrets are to be packed into each share; the reconstruction limit is implicitly defined as secret_count + threshold + 1
  • the latter is related to the implementation (currently based on the Fast Fourier Transform) and requires not only a prime specifying the field, but also two principal roots of unity within that field, which must be respectively a power of 2 and a power of 3

Due to this increased complexity, providing helper functions for finding suitable parameters are in progress. For now, a few fixed fields are included in the packed module as illustrated in the example below:

  • PSS_4_8_3, PSS_4_26_3, PSS_155_728_100, PSS_155_19682_100

with format PSS_T_N_D for sharing D secrets into N shares with a threshold of T.

Homomorphic properties

Both the Shamir and the packed scheme enjoy certain homomorphic properties: shared secrets can be transformed by manipulating the shares. Both addition and multiplications work, yet notice that the reconstruction limit in the case of multiplication goes up by a factor of two for each application.

Parameter generation

While it's straight-forward to instantiate the Shamir scheme, as mentioned above the packed scheme is more tricky and a few helper methods are provided as a result. Since some applications needs only a fixed choice of parameters, these helper methods are optional and only included if the paramgen feature is activated during compilation:

which also adds several extra dependencies.

Performance

So far most performance efforts has been focused on share generation for the packed scheme, with some obvious enhancements for reconstruction in the process of being implemented. As an example, sharing 100 secrets into approximately 20,000 shares with the packed scheme runs in around 31ms on a recent laptop, and in around 590ms on a Raspberry Pi 3.

These numbers were obtained by running

using the nightly toolchain.

License

Licensed under either of

  • Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
  • MIT license (LICENSE-MIT or #404) at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Issues

Collection of the latest Issues

Alakazam03

Alakazam03

Comment Icon0

`let ref tss = tss::shamir::ShamirSecretSharing { threshold: 1, share_count: 4, prime : 11 };

let mobile_number_secret = 9034218120;
let all_shares = tss.share(mobile_number_secret);
let recovered_share = 3;
assert!(recovered_share >= tss.reconstruct_limit());
let recovered_indices: Vec<usize> = (0..recovered_share).collect();
let recovered_shares: &[i64] = &all_shares[0..recovered_share];

// // reconstruct using remaining subset of shares let reconstructed_secret = tss.reconstruct(&recovered_indices, recovered_shares); assert_eq!(reconstructed_secret, mobile_number_secret);`

image

Information - Updated May 03, 2022

Stars: 126
Forks: 29
Issues: 5

A (mostly) pure-Rust implementation of various common cryptographic algorithms

Rust-Crypto seeks to create practical, auditable, pure-Rust implementations of common cryptographic

A (mostly) pure-Rust implementation of various common cryptographic algorithms

Orion is a cryptography library written in pure Rust

It aims to provide easy and usable crypto while trying to minimize the use of unsafe code

Orion is a cryptography library written in pure Rust

Rustls is a modern TLS library written in Rust

ring for cryptography and rustls-pemfile crate

Rustls is a modern TLS library written in Rust

Mundane is a Rust cryptography library backed by BoringSSL that is difficult

to misuse, ergonomic, and performant (in that order)

Mundane is a Rust cryptography library backed by BoringSSL that is difficult

Rustls is a modern TLS library written in Rust

ring for cryptography and rustls-pemfile crate

Rustls is a modern TLS library written in Rust

A (mostly) pure-Rust implementation of various common cryptographic algorithms

Rust-Crypto seeks to create practical, auditable, pure-Rust implementations of common cryptographic

A (mostly) pure-Rust implementation of various common cryptographic algorithms

This repository holds a Rust port of Google's Tink cryptography library

This repository holds a Rust port of Google's RustCrypto crates – this repo focuses on making

This repository holds a Rust port of Google's Tink cryptography library

A cryptography library that is mainly implemented in Rust

I aim to implement bindings to other languages such as C/C++ and Python

A cryptography library that is mainly implemented in Rust

Libsm is an open source pure rust library of China Cryptographic Algorithm Standards

It is completed by a collaborative effort between the Cryptape Technology LLC

Libsm is an open source pure rust library of China Cryptographic Algorithm Standards

A collection of cryptography functions written in Rust

rustup -- curl --proto '=https' --tlsv1

A collection of cryptography functions written in Rust

The SIDH-RS library is an efficient supersingular isogeny-based cryptography library written in Rust language

The library includes the ephemeral Diffie-Hellman key exchange (SIDH) as described in [1,2]

The SIDH-RS library is an efficient supersingular isogeny-based cryptography library written in Rust language
Facebook Instagram Twitter GitHub Dribbble
Privacy