Skip to content

Latest commit

 

History

History
114 lines (63 loc) · 11.9 KB

README.md

File metadata and controls

114 lines (63 loc) · 11.9 KB

Shamir's Secret Sharing (SSS) Overview

Shamir's Secret Sharing (SSS) is a cryptographic technique that allows a secret (such as a cryptographic key) to be divided into multiple shares, so that no single share reveals any information about the secret. The secret can only be reconstructed by combining a sufficient number of shares. The key principles of Shamir's Secret Sharing are:

  1. Splitting the Secret: The secret is split into 'n' shares, where 'n' is the total number of shares created.
  2. Threshold: A threshold value 'k' is set, which represents the minimum number of shares required to reconstruct the secret. Any number of shares less than 'k' reveals no information about the secret.
  3. Polynomial Interpolation: The process uses polynomial interpolation over a finite field to create and combine the shares. The secret is used as the constant term of a randomly generated polynomial of degree (k-1). Each share is a point on this polynomial.
  4. Share Distribution: The 'n' shares are distributed among 'n' participants, with each participant receiving one share.
  5. Secret Reconstruction: When 'k' or more shares are combined, the original polynomial can be reconstructed using polynomial interpolation. From this reconstructed polynomial, the constant term, which is the original secret, can be recovered. The key advantages of Shamir's Secret Sharing are:

· Confidentiality: No single share reveals any information about the secret, providing excellent confidentiality.

· Adjustable Threshold: The threshold 'k' can be adjusted to change the required number of shares for reconstruction.

· Redundancy: Having more shares than the threshold provides redundancy, allowing for lost or corrupted shares.

Shamir's Secret Sharing is widely used in various applications, such as secure key management, distributed cryptography, and multi-party computation, where sensitive information needs to be securely shared and reconstructed among multiple parties. 

Read more: https://en.wikipedia.org/wiki/Shamir%27s_secret_sharing

High-Level Example:

Below is a high-level real-world example of how Shamir's Secret Sharing (SSS) can be used: Imagine a scenario where a company wants to secure its cryptocurrency wallet's private key, which is a highly sensitive piece of information. If this key is compromised, the company's digital assets could be stolen. However, storing the key in a single location or with a single individual also poses a security risk. To mitigate this risk, the company can use Shamir's Secret Sharing to split the private key into multiple shares and distribute them among a group of trusted individuals or entities, such as high-ranking executives, board members, or secure hardware devices. Here's how it could work:

  1. Setting up the Scheme: The company decides to split the private key into, say, 7 shares, with a threshold of 5 shares required to reconstruct the key.
  2. Share Distribution: Each of the 7 shares is securely distributed to a different individual or entity. For example, three shares could be given to specific executives, two shares to secure hardware devices in different locations, and two shares to trusted third-party custodians.
  3. Key Reconstruction: If the company ever needs to access the cryptocurrency wallet, at least 5 of the 7 shareholders would need to come together and combine their shares. This process can be automated or performed manually, depending on the company's security protocols.
  4. Access Control: By setting the threshold to 5 out of 7 shares, the company ensures that no single individual or entity can access the private key alone. This provides an additional layer of security and prevents rogue actors from compromising the key.
  5. Share Refresh: Periodically, the company can refresh the shares by generating a new set of shares from the reconstructed secret, effectively rotating the shares for added security. This approach leverages the strengths of Shamir's Secret Sharing, ensuring that the highly sensitive private key is never stored in a single location or with a single individual. It distributes the risk and responsibility across multiple parties, making it significantly more difficult for an attacker to compromise the key. SSS is also used in other applications, such as secure multi-party computation, distributed key management systems, and secure data storage solutions, where sensitive information needs to be shared and reconstructed among multiple parties without compromising confidentiality.

image

image

image

image

Mathematical Example:

Case 1: Splitting the secret into 2 shares (k = 2) In this case, the secret is represented as the constant term of a linear equation (degree 1 polynomial). The two shares are points on this line. image

image

Case 2: Splitting the secret into 3 shares (k = 3) In this case, the secret is represented as the constant term of a quadratic equation (degree 2 polynomial). The three shares are points on this quadratic curve.

image

To reconstruct the secret, we use Lagrange interpolation to find the quadratic equation passing through the three share points:

image

image

Code Part

image

We developed two Python scripts to collectively implement Shamir's Secret Sharing, a cryptographic protocol for distributing a secret among participants in a secure and recoverable manner. The first script (share_generation.py) generates shares from a user-provided secret using a randomly constructed polynomial, where the secret is embedded as the constant term and additional coefficients are randomly selected. These shares are calculated by evaluating the polynomial at successive integer values.

The second script (secret_recovery.py) utilizes Lagrange interpolation to reconstruct the polynomial at zero, thereby retrieving the secret from a sufficient subset of the shares. Operations in both scripts are conducted modulo a large prime to ensure cryptographic security. This architecture not only ensures that the secret can only be reconstructed with a minimum number of shares but also maintains confidentiality unless the threshold of shares is met. Share Generation Code Description:

This script is responsible for generating shares from a secret. It operates as follows:

● User Input: It prompts the user to input the secret number, the total number of shares to generate, and the minimum number of shares required to recover the secret.

● Polynomial Construction: Based on the input, the script constructs a random polynomial of degree one less than the minimum number of shares. The secret itself is the polynomial's constant coefficient, and the remaining coefficients are randomly generated using a cryptographically secure random number generator.

● Share Distribution: The script evaluates this polynomial at different points (starting from 1 up to the number of shares). Each evaluation point provides a share, which is a tuple of the form (x, y), where x is the point and y is the polynomial evaluated at that point.

● Output: The generated shares are printed out, allowing the user to distribute them among the participants.

image

This script is designed to recover the original secret from a subset of shares. Its process includes:

● User Input: The user inputs a list of shares in the form of (x, y) tuples. The script requires at least the minimum number of shares specified during the generation phase to attempt recovery.

● Lagrange Interpolation: The script uses Lagrange interpolation, a mathematical method for polynomial interpolation, to estimate the original polynomial at x = 0. This value corresponds to the secret because the polynomial's constant term is the secret.

● Output: If successful, the script displays the recovered secret. If the input shares are insufficient or incorrect, it notifies the user with a wrong output, protecting the secret number.

image

Both scripts use a large prime number (the 12th Mersenne Prime) to perform operations in a finite field, ensuring the security and integrity of the secret sharing process. Together, these scripts provide a complete implementation of Shamir's Secret Sharing, from sharing a secret among a group to recovering the secret using a subset of the distributed shares.

Conclusion

The report presents a comprehensive exploration of Shamir's Secret Sharing (SSS), a cryptographic technique designed for dividing a secret into multiple shares, such that the secret can only be reconstructed when a predefined number of shares (threshold) are combined. The key features of SSS include splitting the secret using a polynomial whose constant term is the secret, distributing shares that are points on this polynomial, and reconstructing the secret via polynomial interpolation when enough shares are collected. The approach ensures confidentiality, as individual shares reveal nothing about the secret, and flexibility through an adjustable threshold for reconstruction, enhancing security and resilience against loss or corruption of shares.

SSS is particularly useful in scenarios requiring high-security measures, such as managing access to cryptographic keys or securing sensitive organizational data, by distributing risk and control across multiple parties. The methodology was illustrated with a real-world application involving the secure management of a company’s cryptocurrency wallet, where the private key is split among several trusted entities to prevent unauthorized access.

Mathematically, the report outlines the construction of the random polynomial and the generation and distribution of shares, underpinning the process with Lagrange interpolation for the secret's recovery. It also detailed a practical implementation through two Python scripts: one for share generation and another for secret recovery, ensuring the technique's viability in actual systems. These scripts embody the theoretical framework of SSS, providing a robust toolset for secure secret distribution and recovery in varied applications. The complete setup not only underlines the practicality of SSS in contemporary digital security landscapes but also enhances understanding through direct application and empirical validation.

Throughout this project on Shamir's Secret Sharing, we gained profound insights into the intersection of cryptography and practical security measures. We learned how mathematical principles like polynomial interpolation can be applied to solve real-world security challenges by distributing a secret among multiple stakeholders in a way that enhances data security and mitigates risks associated with centralized information storage. The hands-on experience of implementing the algorithm through Python scripts deepened our understanding of modular arithmetic and the importance of choosing robust parameters like prime numbers to ensure system integrity. Moreover, this project underscored the significance of collaborative teamwork in tackling complex problems and the value of thorough documentation and user-friendly design in software development, preparing us for future challenges in the field of cybersecurity.