shamirsecretsharing

Shamir secret sharing library for Rust

6 releases

Uses old Rust 2015

0.1.5 Mar 26, 2021
0.1.4 Nov 1, 2019
0.1.3 Sep 2, 2019
0.1.1 Aug 5, 2017

#776 in Cryptography

Download history 26/week @ 2023-11-15 23/week @ 2023-11-22 18/week @ 2023-11-29 28/week @ 2023-12-06 34/week @ 2023-12-13 47/week @ 2023-12-20 22/week @ 2023-12-27 35/week @ 2024-01-03 86/week @ 2024-01-10 23/week @ 2024-01-17 20/week @ 2024-01-24 19/week @ 2024-01-31 33/week @ 2024-02-07 41/week @ 2024-02-14 65/week @ 2024-02-21 99/week @ 2024-02-28

242 downloads per month
Used in meta-secret-core

MIT license

36KB
477 lines

Shamir secret sharing in Rust

Build Status Coverage Status Docs

sss-rs contains Rust bindings for my Shamir secret sharing library. This library allows users to split secret data into a number of different shares. With the possession of some or all of these shares, the original secret can be restored. (Looking for the command line interface?)

An example use case is a beer brewery which has a vault which contains their precious super secret recipe. The 5 board members of this brewery do not trust all the others well enough that they won't secretly break into the vault and sell the recipe to a competitor. So they split the code into 5 shares, and allow 4 shares to restore the original code. Now they are sure that the majority of the staff will know when the vault is opened, but they can still open the vault when one of the staff members is abroad or sick at home.

Installation

[dependencies]
shamirsecretsharing = "0.1"

Usage

Secrets are always supplied as &[u8] slices with a length of 64 items. Shares are generated from a piece of secret data using the create_shares function and shares can be afterwards be combined using combine_shares.

Shares are always 113 bytes long. Both create_shares and combine_shares return a Result<_, SSSError> type. Errors will only happen when invalid parameters are supplied. When given valid parameters, these function will always return Ok(_). In the case of invalid parameters the error will be able to tell you what went wrong.

use shamirsecretsharing::*;

// Create a some shares over the secret data `[42, 42, 42, ...]`
let data = vec![42; DATA_SIZE];
let count = 5;
let treshold = 4;
let mut shares = create_shares(&data, count, treshold).unwrap();

// Lose a share (for demonstrational purposes)
shares.remove(3);

// We still have 4 shares, so we should still be able to restore the secret
let restored = combine_shares(&shares).unwrap();
assert_eq!(restored, Some(data));

// If we lose another share the secret is lost
shares.remove(0);
let restored2 = combine_shares(&shares).unwrap();
assert_eq!(restored2, None);

Changelog

Version 0.1.1

  • Remove an unintended side channel which allows a participating attacker with access to a accurate timing channel to iteratively guess shares during the execution of combine_shares.

Version 0.1.5

  • This library used to link to my sss library that was written in C. From this version, the complete library is written only in Rust.
  • The have_libsodium feature flag is deprecated.
  • The minimum required rustc version is now 1.44.0.

Questions

Feel free to open an issue or send me an email on my Github associated e-mail address.

Dependencies

~0.8–1MB
~19K SLoC