Building block: Shamir Secret Sharing¶
Implementation of the Shamir Secret Sharing scehme.
This building block is included in the TNO MPC Python Toolbox.
Install¶
Install the tno.mpc.encryption_scheme.shamir package using one of the following options.
Personal access token
Deploy tokens
Cloning this repo (developer mode)
Personal access token¶
Generate a personal access token with
read_apiscope. Instruction are found here.Install
python -m pip install tno.mpc.protocols.distributed_keygen --extra-index-url https://__token__:<personal_access_token>@ci.tno.nl/gitlab/api/v4/projects/9626/packages/pypi/simple
Deploy tokens¶
Generate a deploy token with
read_package_registryscope. Instruction are found here.Install
python -m pip install tno.mpc.protocols.distributed_keygen --extra-index-url https://<GITLAB_DEPLOY_TOKEN>:<GITLAB_DEPLOY_PASSWORD>@ci.tno.nl/gitlab/api/v4/projects/9626/packages/pypi/simple
Dockerfile¶
FROM python:3.8
ARG GITLAB_DEPLOY_TOKEN
ARG GITLAB_DEPLOY_PASSWORD
RUN python -m pip install tno.mpc.protocols.distributed_keygen --extra-index-url https://$GITLAB_DEPLOY_TOKEN:$GITLAB_DEPLOY_PASSWORD@ci.tno.nl/gitlab/api/v4/projects/9626/packages/pypi/simple
Usage¶
The shamir secret sharing module can be used as follows:
from tno.mpc.encryption_schemes.shamir import ShamirSecretSharingScheme, ShamirShares
# Initialize a three-out-of-five secrect sharing scheme with prime 10657
# Note: the polynomial degree is one less than the number of parties needed for reconstruction
shamir_scheme = ShamirSecretSharingScheme(10657, 5, 2)
# Share a secret integer
sharing = shamir_scheme.share_secret(42)
# When receiving shares a reconstructor can be created as follows
reconstructor = ShamirShares(
shamir_scheme, {1: sharing.shares[1], 2: sharing.shares[2], 3: sharing.shares[3]}
)
# Reconstruct the secret and check if it is the expected result
assert 42 == sharing.reconstruct_secret() == reconstructor.reconstruct_secret()