share

package
v0.0.0-...-0b3308b Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 19, 2017 License: MPL-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Package share implements Shamir secret sharing and polynomial commitments. Shamir's scheme allows to split a secret value into multiple parts, so called shares, by evaluating a secret sharing polynomial at certain indices. The shared secret can only be reconstructed (via Lagrange interpolation) if a threshold of the participants provide their shares. A polynomial commitment scheme allows a committer to commit to a secret sharing polynomial so that a verifier can check the claimed evaluations of the committed polynomial. Both schemes of this package are core building blocks for more advanced secret sharing techniques.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RecoverCommit 

func RecoverCommit(g abstract.Group, shares []*PubShare, t, n int) (abstract.Point, error)

RecoverCommit reconstructs the secret commitment p(0) from a list of public shares using Lagrange interpolation.

func RecoverSecret 

func RecoverSecret(g abstract.Group, shares []*PriShare, t, n int) (abstract.Scalar, error)

RecoverSecret reconstructs the shared secret p(0) from a list of private shares using Lagrange interpolation.

Types

type PriPoly 

type PriPoly struct {
	// contains filtered or unexported fields
}

PriPoly represents a secret sharing polynomial.

func NewPriPoly 

func NewPriPoly(g abstract.Group, t int, s abstract.Scalar, rand cipher.Stream) *PriPoly

NewPriPoly creates a new secret sharing polynomial for the cryptographic group g, the secret sharing threshold t, and the secret to be shared s.

func RecoverPriPoly 

func RecoverPriPoly(g abstract.Group, shares []*PriShare, t, n int) (*PriPoly, error)

RecoverPriPoly takes a list of shares and the parameters t and n to reconstruct the secret polynomial completely, i.e., all private coefficients. It is up to the caller to make sure there are enough shares to correctly re-construct the polynomial. There must be at least t shares.

func (*PriPoly) Add 

func (p *PriPoly) Add(q *PriPoly) (*PriPoly, error)

Add computes the component-wise sum of the polynomials p and q and returns it as a new polynomial.

func (*PriPoly) Commit 

func (p *PriPoly) Commit(b abstract.Point) *PubPoly

Commit creates a public commitment polynomial for the given base point b or the standard base if b == nil.

func (*PriPoly) Equal 

func (p *PriPoly) Equal(q *PriPoly) bool

Equal checks equality of two secret sharing polynomials p and q.

func (*PriPoly) Eval 

func (p *PriPoly) Eval(i int) *PriShare

Eval computes the private share v = p(i).

func (*PriPoly) Mul 

func (p *PriPoly) Mul(q *PriPoly) *PriPoly

Mul multiples p and q together. The result is a polynomial of the sum of the two degrees of p and q. NOTE: it does not check for null coefficients after the multiplication, so the degree of the polynomial is "always" as described above. This is only to use in secret sharing schemes, and is not to be considered a general polynomial manipulation routine.

func (*PriPoly) Secret 

func (p *PriPoly) Secret() abstract.Scalar

GetSecret returns the shared secret p(0), i.e., the constant term of the polynomial.

func (*PriPoly) Shares 

func (p *PriPoly) Shares(n int) []*PriShare

Shares creates a list of n private shares p(1),...,p(n).

func (*PriPoly) String 

func (p *PriPoly) String() string

func (*PriPoly) Threshold 

func (p *PriPoly) Threshold() int

Threshold returns the secret sharing threshold.

type PriShare 

type PriShare struct {
	I int             // Index of the private share
	V abstract.Scalar // Value of the private share
}

PriShare represents a private share.

func (*PriShare) Hash 

func (p *PriShare) Hash(s abstract.Suite) []byte

type PubPoly 

type PubPoly struct {
	// contains filtered or unexported fields
}

PubPoly represents a public commitment polynomial to a secret sharing polynomial.

func NewPubPoly 

func NewPubPoly(g abstract.Group, b abstract.Point, commits []abstract.Point) *PubPoly

NewPubPoly creates a new public commitment polynomial.

func (*PubPoly) Add 

func (p *PubPoly) Add(q *PubPoly) (*PubPoly, error)

Add computes the component-wise sum of the polynomials p and q and returns it as a new polynomial. NOTE: If the base points p.b and q.b are different then the base point of the resulting PubPoly cannot be computed without knowing the discrete logarithm between p.b and q.b. In this particular case, we are using p.b as a default value which of course does not correspond to the correct base point and thus should not be used in further computations.

func (*PubPoly) Check 

func (p *PubPoly) Check(s *PriShare) bool

Check a private share against a public commitment polynomial.

func (*PubPoly) Commit 

func (p *PubPoly) Commit() abstract.Point

Commit returns the secret commitment p(0), i.e., the constant term of the polynomial.

func (*PubPoly) Equal 

func (p *PubPoly) Equal(q *PubPoly) bool

Equal checks equality of two public commitment polynomials p and q.

func (*PubPoly) Eval 

func (p *PubPoly) Eval(i int) *PubShare

Eval computes the public share v = p(i).

func (*PubPoly) Info 

func (p *PubPoly) Info() (abstract.Point, []abstract.Point)

Info returns the base point and the commitments to the polynomial coefficients.

func (*PubPoly) Shares 

func (p *PubPoly) Shares(n int) []*PubShare

Shares creates a list of n public commitment shares p(1),...,p(n).

func (*PubPoly) Threshold 

func (p *PubPoly) Threshold() int

Threshold returns the secret sharing threshold.

type PubShare 

type PubShare struct {
	I int            // Index of the public share
	V abstract.Point // Value of the public share
}

PubShare represents a public share.

func (*PubShare) Hash 

func (p *PubShare) Hash(s abstract.Suite) []byte

Source Files

View all Source files

Directories

Path Synopsis
Package dkg implements the protocol described in "Secure Distributed Key Generation for Discrete-Log Based Cryptosystems" by R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin.
 Package dkg implements the protocol described in "Secure Distributed Key Generation for Discrete-Log Based Cryptosystems" by R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin.
DSS implements the Distributed Schnorr Signature protocol from the paper "Provably Secure Distributed Schnorr Signatures and a (t, n) Threshold Scheme for Implicit Certificates".
 DSS implements the Distributed Schnorr Signature protocol from the paper "Provably Secure Distributed Schnorr Signatures and a (t, n) Threshold Scheme for Implicit Certificates".
Package pvss implements public verifiable secret sharing as introduced in "A Simple Publicly Verifiable Secret Sharing Scheme and its Application to Electronic Voting" by Berry Schoenmakers.
 Package pvss implements public verifiable secret sharing as introduced in "A Simple Publicly Verifiable Secret Sharing Scheme and its Application to Electronic Voting" by Berry Schoenmakers.
Package vss implements the verifiable secret sharing scheme from the paper "Provably Secure Distributed Schnorr Signatures and a (t, n) Threshold Scheme for Implicit Certificates".
 Package vss implements the verifiable secret sharing scheme from the paper "Provably Secure Distributed Schnorr Signatures and a (t, n) Threshold Scheme for Implicit Certificates".

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.