  • Stars: 150
  • Rank: 239,538 (Top 5 %)
  • Language: Rust
  • License: Other
  • Created almost 8 years ago
  • Updated over 5 years ago

Repository Details

A pure-Rust implementation of various threshold secret sharing schemes

Threshold Secret Sharing

License: MIT/Apache2

Efficient pure-Rust library for secret sharing, offering efficient share generation and reconstruction for both traditional Shamir sharing and packed sharing. For now, secrets and shares are fixed as prime field elements represented by i64 values.

Installation

Cargo

[dependencies]
threshold-secret-sharing = "0.2"

GitHub

git clone https://github.com/snipsco/rust-threshold-secret-sharing
cd rust-threshold-secret-sharing
cargo build --release

Examples

Several examples are included in the examples/ directory. Run each with cargo using e.g.

cargo run --example shamir

for the Shamir example below.

Shamir sharing

Using the Shamir scheme is relatively straightforward.

When choosing parameters, threshold and share_count must be chosen to satisfy security requirements, and prime must be large enough to correctly encode the value to be shared (and such that prime >= share_count + 1).

When reconstructing the secret, indices must be explicitly provided to identify the shares; these correspond to the indices the shares had in the vector returned by share().

extern crate threshold_secret_sharing as tss;

fn main() {
  // create instance of the Shamir scheme
  let ref tss = tss::shamir::ShamirSecretSharing {
    threshold: 8,           // privacy threshold
    share_count: 20,        // total number of shares to generate
    prime: 41               // prime field to use
  };

  let secret = 5;

  // generate shares for secret
  let all_shares = tss.share(secret);

  // artificially remove some of the shares
  let number_of_recovered_shares = 10;
  assert!(number_of_recovered_shares >= tss.reconstruct_limit());
  let recovered_indices: Vec<usize> = (0..number_of_recovered_shares).collect();
  let recovered_shares: &[i64] = &all_shares[0..number_of_recovered_shares];

  // reconstruct using remaining subset of shares
  let reconstructed_secret = tss.reconstruct(&recovered_indices, recovered_shares);
  assert_eq!(reconstructed_secret, secret);
}

Packed sharing

If many secrets are to be secret shared, it may be beneficial to use the packed scheme, where several secrets are packed into each share. While still very computationally efficient, one downside is that the parameters are somewhat restricted.

Specifically, the parameters are split into scheme parameters and implementation parameters:

  • the former, as in Shamir sharing, determine the abstract properties of the scheme, now with an additional secret_count specifying how many secrets are packed into each share; the reconstruction limit is implicitly defined as secret_count + threshold + 1
  • the latter relate to the implementation (currently based on the Fast Fourier Transform) and require not only a prime specifying the field, but also two principal roots of unity within that field, whose orders must be a power of 2 and a power of 3 respectively

Due to this increased complexity, helper functions for finding suitable parameters are in progress. For now, a few fixed fields are included in the packed module, as illustrated in the example below:

  • PSS_4_8_3, PSS_4_26_3, PSS_155_728_100, PSS_155_19682_100

with format PSS_T_N_D for sharing D secrets into N shares with a threshold of T.

extern crate threshold_secret_sharing as tss;

fn main() {
  // use predefined parameters
  let ref tss = tss::packed::PSS_4_26_3;

  // generate shares for a vector of secrets
  let secrets = [1, 2, 3];
  let all_shares = tss.share(&secrets);

  // artificially remove some of the shares; keep only the first 8
  let indices: Vec<usize> = (0..8).collect();
  let shares = &all_shares[0..8];

  // reconstruct using remaining subset of shares
  let recovered_secrets = tss.reconstruct(&indices, shares);
  assert_eq!(recovered_secrets, vec![1, 2, 3]);
}

Homomorphic properties

Both the Shamir and the packed scheme enjoy certain homomorphic properties: shared secrets can be transformed by manipulating the shares. Both addition and multiplication work; note, however, that the reconstruction limit in the case of multiplication goes up by a factor of two for each application.

extern crate threshold_secret_sharing as tss;

fn main() {
  // use predefined parameters
  let ref tss = tss::packed::PSS_4_26_3;

  // generate shares for first vector of secrets
  let secrets_1 = [1, 2, 3];
  let shares_1 = tss.share(&secrets_1);

  // generate shares for second vector of secrets
  let secrets_2 = [4, 5, 6];
  let shares_2 = tss.share(&secrets_2);

  // combine shares pointwise to get shares of the sum of the secrets
  let shares_sum: Vec<i64> = shares_1.iter().zip(&shares_2)
    .map(|(a, b)| (a + b) % tss.prime).collect();

  // artificially remove some of the shares; keep only the first 8
  let indices: Vec<usize> = (0..8).collect();
  let shares = &shares_sum[0..8];

  // reconstruct using remaining subset of shares
  let recovered_secrets = tss.reconstruct(&indices, shares);
  assert_eq!(recovered_secrets, vec![5, 7, 9]);
}
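
Two points from the sections above that are easy to get wrong, shown as an added std-only example (not the crate's code): reconstruction depends on the indices supplied with the shares, and a pointwise product doubles the polynomial degree, so it needs more shares than a sum. The fixed coefficients and the mapping of index i to evaluation point i + 1 are assumptions of this sketch.

```rust
// Added illustration (std only); not the crate's implementation.
const P: i64 = 41; // toy prime from the Shamir example above

// Square-and-multiply; a^(P-2) is the inverse of a (Fermat).
fn modpow(b: i64, e: i64) -> i64 {
    if e == 0 { return 1; }
    let h = modpow(b * b % P, e / 2);
    if e % 2 == 1 { h * b % P } else { h }
}

// coeffs[0] is the secret; share i is the polynomial at x = i + 1 (assumed mapping).
fn share(coeffs: &[i64], share_count: i64) -> Vec<i64> {
    assert!(P >= share_count + 1, "not enough distinct non-zero points");
    (1..=share_count)
        .map(|x| coeffs.iter().rev().fold(0i64, |acc, &c| (acc * x + c) % P))
        .collect()
}

// Lagrange interpolation at x = 0 over the points named by `indices`.
fn reconstruct(indices: &[usize], shares: &[i64]) -> i64 {
    let xs: Vec<i64> = indices.iter().map(|&i| i as i64 + 1).collect();
    let mut secret = 0;
    for (j, &xj) in xs.iter().enumerate() {
        let (mut num, mut den) = (1i64, 1i64);
        for &xm in xs.iter().filter(|&&xm| xm != xj) {
            num = num * (P - xm) % P;              // factor (0 - xm)
            den = (den * (xj - xm)).rem_euclid(P); // factor (xj - xm)
        }
        secret = (secret + shares[j] * num % P * modpow(den, P - 2)) % P;
    }
    secret
}

// Pointwise sum and product of two threshold-2 sharings (degree-2 polynomials).
// Coefficients are fixed (constructed) for reproducibility; real ones need a CSPRNG.
fn combined() -> (Vec<i64>, Vec<i64>) {
    let a = share(&[5, 7, 11], 20); // secret 5
    let b = share(&[6, 3, 9], 20);  // secret 6
    let sum: Vec<i64> = a.iter().zip(&b).map(|(x, y)| (x + y) % P).collect();
    let prod: Vec<i64> = a.iter().zip(&b).map(|(x, y)| x * y % P).collect();
    (sum, prod)
}

fn main() {
    let (sum, prod) = combined();
    println!("sum, 3 shares: {}", reconstruct(&[0, 1, 2], &sum[..3]));
    println!("product, 3 shares: {}", reconstruct(&[0, 1, 2], &prod[..3]));
    println!("product, 5 shares: {}", reconstruct(&[0, 1, 2, 3, 4], &prod[..5]));
}
```

With threshold 2, three shares recover the sum (11) but yield 29 for the product; five shares give the correct product 30.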

Parameter generation

While it is straightforward to instantiate the Shamir scheme, the packed scheme is, as mentioned above, trickier, and a few helper methods are provided as a result. Since some applications need only a fixed choice of parameters, these helper methods are optional and only included if the paramgen feature is activated during compilation:

cargo build --features paramgen

which also adds several extra dependencies.
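
What such a helper has to establish, as an added std-only sketch (not the crate's paramgen code): it assumes the power-of-2 order is secret_count + threshold + 1 and the power-of-3 order is share_count + 1, which is what the PSS_T_N_D names above suggest. The prime it returns is the smallest that fits and need not match the crate's built-in constants.

```rust
// Added sketch (std only); not the crate's paramgen code.
// Assumption: the power-of-2 order is secret_count + threshold + 1 and the
// power-of-3 order is share_count + 1, as the PSS_T_N_D names suggest.

fn pow_mod(b: i64, e: i64, p: i64) -> i64 {
    if e == 0 { return 1; }
    let h = pow_mod(b * b % p, e / 2, p);
    if e % 2 == 1 { h * b % p } else { h }
}

fn is_prime(n: i64) -> bool {
    n > 1 && (2i64..).take_while(|d| d * d <= n).all(|d| n % d != 0)
}

// True when n = q^k for some k >= 1.
fn is_power_of(mut n: i64, q: i64) -> bool {
    if n < q { return false; }
    while n % q == 0 { n /= q; }
    n == 1
}

// Element of order exactly m = q^k in Z_p*; requires m | p - 1.
// w = g^((p-1)/m) has order dividing m, and exactly m iff w^(m/q) != 1.
fn root_of_unity(p: i64, m: i64, q: i64) -> Option<i64> {
    (2..p).map(|g| pow_mod(g, (p - 1) / m, p))
        .find(|&w| pow_mod(w, m / q, p) != 1)
}

// Returns (prime, power-of-2-order root, power-of-3-order root) or the violated constraint.
fn paramgen(threshold: i64, share_count: i64, secret_count: i64)
    -> Result<(i64, i64, i64), &'static str> {
    let (m2, m3) = (secret_count + threshold + 1, share_count + 1);
    if !is_power_of(m2, 2) { return Err("secret_count + threshold + 1 is not a power of 2"); }
    if !is_power_of(m3, 3) { return Err("share_count + 1 is not a power of 3"); }
    // Both orders must divide prime - 1, so search primes of the form k * m2 * m3 + 1.
    let prime = (1i64..).map(|k| k * m2 * m3 + 1).find(|&p| is_prime(p)).unwrap();
    Ok((prime, root_of_unity(prime, m2, 2).unwrap(), root_of_unity(prime, m3, 3).unwrap()))
}

fn main() {
    // Shape of PSS_4_26_3: threshold 4, 26 shares, 3 secrets.
    println!("{:?}", paramgen(4, 26, 3));
    // The Shamir example's threshold 8 / 20 shares does not fit: 3 + 8 + 1 = 12.
    println!("{:?}", paramgen(8, 20, 3));
}
```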

Performance

So far most performance efforts have been focused on share generation for the packed scheme, with some obvious enhancements for reconstruction in the process of being implemented. As an example, sharing 100 secrets into approximately 20,000 shares with the packed scheme runs in around 31ms on a recent laptop, and in around 590ms on a Raspberry Pi 3.

These numbers were obtained by running

cargo bench

using the nightly toolchain.

License

Licensed under either of

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
