Copyright | Peter Robinson 2014 |
---|---|

License | LGPL |

Maintainer | Peter Robinson <peter.robinson@monoid.at> |

Stability | experimental |

Portability | portable |

Safe Haskell | None |

Language | Haskell98 |

Implementation of an (`m`

,`n`

)-threshold secret sharing scheme.
A given ByteString `b`

(the secret) is split into `n`

shares,
and any `m`

shares are sufficient to reconstruct `b`

.
The scheme preserves perfect secrecy in the sense that the knowledge of up
to `m-1`

shares does not reveal any information about the secret `b`

.

Typically, there are `n`

parties and we would like to give the `i`

-th party
the `i`

-share of each byte.
For example, to encode a bytestring `secret`

as `10`

shares, any `5`

of which
are sufficient for reconstruction we could write:

shares <- encode 5 10 secret

Note that each byte is encoded separately using a fresh set of random coefficients.

The mathematics behind the secret sharing scheme is described in: "How to share a secret." by Shamir, Adi. In Communications of the ACM 22 (11): 612–613, 1979.

- encode :: Int -> Int -> ByteString -> IO [Share]
- decode :: [Share] -> ByteString
- data Share

# Documentation

:: Int | m |

-> Int | n |

-> ByteString | the secret that we want to share |

-> IO [Share] |

Encodes a `ByteString`

as a list of n shares, m of which are required for
reconstruction.
Lives in the `IO`

to access a random source.

:: [Share] | list of at least |

-> ByteString | reconstructed secret |

Reconstructs a (secret) bytestring from a list of (at least `m`

) shares.
Throws `AssertionFailed`

if the number of shares is too small.