Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

function to add new shares to a set of existing ones #2

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

function to add new shares to a set of existing ones #2

wants to merge 1 commit into from

Conversation

gryphius
Copy link

implemented #1 with a little help and lots of copy-pasting from https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing .
So I'm not sure if you'd want to merge this as-is or adapt it to maybe use the existing functions of the utils class more. I did not feel comfortable to mess with them, it's been a while since my last math class...

@cipherboy cipherboy self-assigned this Apr 13, 2020
cipherboy
cipherboy requested changes Apr 14, 2020
View reviewed changes
Copy link
Member

@cipherboy cipherboy left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few changes. I think it looks fairly good though, thanks for the PR!

If I get some time, I'll probably fix up SSSA-Python's CI, add mypy typing, doctext, linting, &c... But we'll see :-)

SSSA/utils.py

# extended_gcd, divmod, lagrange_interpolate are copied from https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing

def extended_gcd(self, a, b):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we replace gcd with an iterative version and remove this? My 2c.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure why I didn't do this when I first wrote the code... it has been a while :-)

SSSA/utils.py
To explain what this means, the return value will be such that
the following is true: den * divmod(num, den, p) % p == num
"""
inv, _ = self.extended_gcd(den, p)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We already have a mod_inverse function that could've been used here.

SSSA/utils.py
den = PI(dens)
num = sum([self.divmod(nums[i] * den * y_s[i] % p, dens[i], p)
for i in range(k)])
return (self.divmod(num, den, p) + p) % p
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd keep the newline at the end of the file. :-)

SSSA/utils.py
the following is true: den * divmod(num, den, p) % p == num
"""
inv, _ = self.extended_gcd(den, p)
return num * inv
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this be well, divmod? :-) num*inv isn't guaranteed to be in [0, p)... You just need to wrap it in another modulus statement: (num * inv) % p.

SSSA/utils.py
return num * inv

def lagrange_interpolate(self, x, x_s, y_s, p):
"""
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm fine with this function but we're already doing most of the work in combine...

sssa-python/SSSA/sssa.py

Lines 57 to 69 in f987712

for share_index,share in enumerate(secrets):
origin = share[part_index][0]
originy = share[part_index][1]
numerator = 1
denominator = 1
for product_index,product in enumerate(secrets):
if product_index != share_index:
current = product[part_index][0]
numerator = (numerator * (-1*current)) % self.util.prime
denominator = (denominator * (origin - current)) % self.util.prime
working = ((originy * numerator * self.util.mod_inverse(denominator)) + self.util.prime)
secret[part_index] = (secret[part_index] + working) % self.util.prime

Seems like we should use what's in sssa.py already and extract it into utils.

SSSA/sssa.py
# The "raw" secret is padded with \x00 and split into 32 char (64 hex) chunks: for each part there will be a polynomial.
# The result of 'create' still has "shares" entries, but each is a \sum_i^parts x_i+y_i.
# Reconstruct points on the polynomial(s) from the shares
x,y=self.util.shares_to_x_y(shares)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

x, y -- add a space please. :)

SSSA/sssa.py
new_share += self.util.to_base64(value)
new_share += self.util.to_base64(y_interpolated)

shares.append(new_share)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not return just the new_share? I think that makes more sense than adding the new share at the end of the list of shares... My 2c.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cipherboy cipherboy cipherboy requested changes

Assignees

@cipherboy cipherboy

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gryphius @cipherboy