Information-theoretic secure secret sharing

Latest on Hackage:

This package is not currently in any snapshots. If you're interested in using it, we recommend adding it to Stackage Nightly. Doing so will make builds more reliable, and allow to host generated Haddocks.

LGPL-2.1 licensed by Peter Robinson

Implementation of an (m,n)-threshold secret sharing scheme. A given ByteString b (the secret) is split into n shares, and any m shares are sufficient to reconstruct b. The scheme preserves information-theoretic perfect secrecy in the sense that the knowledge of up to m-1 shares does not reveal any information about the secret b.

Example in GHCi: Suppose that you want to split the string "my secret data" into n=5 shares such that at least m=3 shares are necessary to reconstruct the secret.

> :m + Data.ByteString.Lazy.Char8 Crypto.SecretSharing
> let secret = pack "my secret message!"
> shares <- encode 3 5 secret
> mapM_ (Prelude.putStrLn . show) shares -- each share should be deposited at a different site.
> let shares' = Prelude.drop 2 shares
> decode shares'
 "my secret message!"

The mathematics behind the secret sharing scheme is described in: "How to share a secret." by Adi Shamir. In Communications of the ACM 22 (11): 612–613, 1979.

comments powered byDisqus