Skip to main content

Share a secret securelly implementing Shamir's secret share

Project description

|GitHub license| |PyPI pyversions| |PyPI version| |GitHub release|
|GitHub version| |Updates| |Build Status|

SecretShare
===========

A simple library implementing Adi Shamir’s “How to share a secret”
algorithm. It is currently very limited since it uses integer arithmetic
with primes, thus limiting the size of the shared secret to 512 bits (64
bytes). It is however very useful for cryptographic applications (which
is the intended goal).

Requirements
------------

- Python 3.6+
- `Passphrase <http://github.com/hackancuba/passphrase-py>`__

Installation
------------

Clone the repo an run ``make package-install`` or, for development
purposes, ``make devenvironment``. Install dependencies with
``pip install -r requirements.txt``.

Usage
-----

.. code:: python

from secretshare import SecretShare, Secret, Share

# Generate a new secret
secret = Secret()
# Or use an existing one
secret.value = b'...'
# Or directly: secret = Secret(b'...')
# If your secret is not a byte stream, you can use the methods
# from_int
# from_base64
# from_hex

# Share the secret
share_count = 5 # How many pieces will be secret be split into?
threshold = 3 # How many pieces are required to recover the secret?
shamir = SecretShare(threshold, share_count, secret)
shares = shamir.split()

# Now deliver the shares to each recipient
for i, share in enumerate(shares):
email(recipient[i], str(share)) # Send in base64
# A Share can be converted to several convenient formats:
# int(share)
# bytes(share)
# str(share)
# hexlify(bytes(share))
# Note: a Secret can be converted the very same way

# ...

# To recover the secret, get the share from each holder
s1 = Share()
s1.from_int(1325546546320210215)
# A Share has a point and a value
s2 = Share(2, b'as5d...44a')
s3 = Share()
# They are both encoded together for convenience
s3.from_base64('AAk...ja==')
# The share count and threshold information is NOT saved anywhere
# so the developer must save it somewhere as it is public
# information and there's no risk in storing it.
shamir = SecretShare(share_count, threshold)
shamir.shares = [s1, s2, s3]
secret = shamir.combine()
# If the wrong number of shares is provided, an incorrect result
# is obtained.
# This is because this algorithm can't validate the result.
# The developer should verify the secret obtained by comparing into
# a hash, preferably using a secure KDF such as Argon2.
# Alternatively, it might be more convenient to verify each share
# against a hash: if the provided shares are correct, the result
# will be correct.

Developing
----------

Install the development requirements, run tests with ``make test`` and
lint with ``make lint``. Check for tests coverage with ``make coverage``
(currently 100%).

License
-------

**SecretShare** is made by `HacKan <https://hackan.net>`__ under GNU GPL
v3.0+. You are free to use, share, modify and share modifications under
the terms of that `license <LICENSE>`__.

::

Copyright (C) 2018 HacKan (https://hackan.net)

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.


Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

secretshare-0.2.5.tar.gz (20.4 kB view details)

Uploaded Source

Built Distribution

secretshare-0.2.5-py3-none-any.whl (21.2 kB view details)

Uploaded Python 3

File details

Details for the file secretshare-0.2.5.tar.gz.

File metadata

  • Download URL: secretshare-0.2.5.tar.gz
  • Upload date:
  • Size: 20.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.21.0 setuptools/40.6.3 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.6.7

File hashes

Hashes for secretshare-0.2.5.tar.gz
Algorithm Hash digest
SHA256 acfcfa7a6e6ae815bc91b075efa315579d47874fe2db00359d7186eda4edba16
MD5 2033e64c000dfbc2540418475bcb46f8
BLAKE2b-256 05c53ce206be5dc3a57cb9b79de7978eb2b74cf59d9576a9f288328dec73da25

See more details on using hashes here.

Provenance

File details

Details for the file secretshare-0.2.5-py3-none-any.whl.

File metadata

  • Download URL: secretshare-0.2.5-py3-none-any.whl
  • Upload date:
  • Size: 21.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.21.0 setuptools/40.6.3 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.6.7

File hashes

Hashes for secretshare-0.2.5-py3-none-any.whl
Algorithm Hash digest
SHA256 ffeccd68d0aafc6480264f6a73f5fbe05404bec5f5d7de8f215bc3ed71a16e9a
MD5 ae983dea3f5db33f226d0a99647ba153
BLAKE2b-256 2e422b4861cc562d6bbfb88ee9d06f1a7291d45293f81b9869733df1eeeff777

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page