shamirs module
Minimal pure-Python implementation of Shamir’s Secret Sharing scheme.
- shamirs.shamirs.MODULUS_DEFAULT = 170141183460469231731687303715884105727
Default prime modulus (equivalent to
(2 ** 127) - 1) that is used for creating secret shares if a prime modulus is not specified explicitly.
Bases:
objectData structure for representing an individual secret share. Normally, the
sharesfunction should be used to construct a sequence ofshareobjects.>>> isinstance(shares(1, 3, modulus=31)[0], share) True >>> len(shares(1, 3, modulus=31)) 3 >>> interpolate(shares(123, 12, modulus=15485867)) 123 >>> interpolate(shares(2**100, 100)) == 2**100 True
It must be possible to represent the index integer using 32 bits. There is no bound on the size of the value.
>>> share(4294967296, 123) Traceback (most recent call last): ... ValueError: index must be an integer that can be represented using at most 32 bits
Convert a secret share represented as a bytes-like object into a
shareobject.>>> s = share.from_bytes(bytes.fromhex('7b00000002000000c801fd03')) >>> (s.index, s.value, s.modulus) (123, 456, 1021) >>> s = share.from_bytes(share(1, 2**100).to_bytes()) >>> (s.index, s.value) == (1, 2**100) True
- Return type
Convert a secret share represented as a Base64 encoding of a bytes-like object into a
shareobject.>>> s = share.from_base64('ewAAAAIAAADIAf0D') >>> (s.index, s.value, s.modulus) (123, 456, 1021) >>> s = share.from_base64(share(3, 2**100).to_base64()) >>> (s.index, s.value) == (3, 2**100) True
- Return type
Return a bytes-like object that encodes this
shareobject.>>> share(123, 456, 1021).to_bytes().hex() '7b00000002000000c801fd03' >>> s = share.from_bytes(share(3, 2**100).to_bytes()) >>> (s.index, s.value) == (3, 2**100) True
- Return type
Transforms an integer value into the specified number of secret shares, with recovery of the original value possible using the returned sequence of secret shares (via the
interpolatefunction).- Parameters
value (
int) – Integer value to be split into secret shares.quantity (
int) – Number of secret shares (at least two) to construct and return.modulus (
Optional[int]) – Prime modulus corresponding to the finite field used for creating secret shares.threshold (
Optional[int]) – Minimum number of shares that will be required to reconstruct a value.
>>> len(shares(1, 3, modulus=31)) 3 >>> len(shares(17, 10, modulus=41)) 10 >>> len(shares(123, 100)) 100
Attempts to transform a value that is greater than the supplied prime modulus raise an exception.
>>> shares(256, 3, modulus=31) Traceback (most recent call last): ... ValueError: value cannot be greater than the prime modulus
Other invocations with invalid parameter values also raise exceptions.
>>> shares('abc', 3, 17) Traceback (most recent call last): ... TypeError: value must be an integer >>> shares(1, 'abc', 17) Traceback (most recent call last): ... TypeError: quantity of shares must be an integer >>> shares(1, 3, 'abc') Traceback (most recent call last): ... TypeError: prime modulus must be an integer >>> shares(-2, 3, 17) Traceback (most recent call last): ... ValueError: value must be a nonnegative integer >>> shares(1, 1, 17) Traceback (most recent call last): ... ValueError: quantity of shares must be at least 2 >>> shares(1, 2**32, 17) Traceback (most recent call last): ... ValueError: quantity of shares must be an integer that can be represented using at most 32 bits >>> shares(1, 3, 1) Traceback (most recent call last): ... ValueError: prime modulus must be at least 2
Requesting fewer shares than needed to reconstruct is permitted (but a warning is issued).
>>> len(shares(1, quantity=3, modulus=11, threshold=7)) 3
Requesting a larger set of shares than is necessary to reconstruct the original value is permitted.
>>> len(shares(1, quantity=7, modulus=11, threshold=3)) 7
- shamirs.shamirs.interpolate(shares, threshold=None)[source]
Reassemble an integer value from a sequence of secret shares using Lagrange interpolation (via the
interpolatefunction exported by the lagrange library).- Parameters
>>> interpolate(shares(5, 3, modulus=31)) 5 >>> interpolate(shares(123, 12)) 123
The appropriate order for the secret shares is already encoded in the individual
shareinstances (assuming they were created using thesharesfunction). Thus, they can be supplied in any order.>>> interpolate(reversed(shares(123, 12))) 123
If the threshold is known to be different than the number of shares, it should be specified as such. In the example below, the value 123 was shared with twenty parties such that at least twelve of them must collaborate to reconstruct the value.
>>> interpolate(shares(123, 20, 1223, 12)[:12], 12) # Use first twelve shares. 123 >>> interpolate(shares(123, 20, 1223, 12)[20-12:], 12) # Use last twelve shares. 123 >>> interpolate(shares(123, 20, 1223, 12)[:15], 12) # Use first fifteen shares. 123 >>> interpolate(shares(123, 20, 1223, 12)[:11], 12) # Try using only eleven shares. Traceback (most recent call last): ... ValueError: not enough points for a unique interpolation
Invocations with invalid parameter values raise exceptions.
>>> interpolate([1, 2, 3]) Traceback (most recent call last): ... TypeError: input must contain share objects >>> interpolate(shares(123, 3, 1223) + shares(123, 3, 1021)) Traceback (most recent call last): ... ValueError: all shares must have the same modulus