secret-sharing-1.0.0.3: Information-theoretic secure secret sharing

CopyrightPeter Robinson 2014
LicenseLGPL
MaintainerPeter Robinson <peter.robinson@monoid.at>
Stabilityexperimental
Portabilityportable
Safe HaskellNone
LanguageHaskell98

Crypto.SecretSharing

Description

Implementation of an (m,n)-threshold secret sharing scheme. A given ByteString b (the secret) is split into n shares, and any m shares are sufficient to reconstruct b. The scheme preserves perfect secrecy in the sense that the knowledge of up to m-1 shares does not reveal any information about the secret b.

Typically, there are n parties and we would like to give the i-th party the i-share of each byte. For example, to encode a bytestring secret as 10 shares, any 5 of which are sufficient for reconstruction we could write:

shares <- encode 5 10 secret

Note that each byte is encoded separately using a fresh set of random coefficients.

The mathematics behind the secret sharing scheme is described in: "How to share a secret." by Shamir, Adi. In Communications of the ACM 22 (11): 612–613, 1979.

Synopsis

Documentation

encode Source

Arguments

:: Int

m

-> Int

n

-> ByteString

the secret that we want to share

-> IO [Share] 

Encodes a ByteString as a list of n shares, m of which are required for reconstruction. Lives in the IO to access a random source.

decode Source

Arguments

:: [Share]

list of at least m shares

-> ByteString

reconstructed secret

Reconstructs a (secret) bytestring from a list of (at least m) shares. Throws AssertionFailed if the number of shares is too small.

data Share Source

A share of the encoded secret.