Struct threshold_secret_sharing::packed::PackedSecretSharing

pub struct PackedSecretSharing {
    pub threshold: usize,
    pub share_count: usize,
    pub secret_count: usize,
    pub prime: i64,
    pub omega_secrets: i64,
    pub omega_shares: i64,
}

Parameters for the packed variant of Shamir secret sharing, specifying number of secrets shared together, total number of shares, and privacy threshold.

This scheme generalises Shamir's scheme by simultaneously sharing several secrets, at the expense of leaving a gap between the privacy threshold and the reconstruction limit.

The Fast Fourier Transform is used for efficiency reasons, allowing most operations run to quasilinear time O(n.log(n)) in share_count. An implication of this is that secrets and shares are positioned on positive powers of respectively an n-th and m-th principal root of unity, where n is a power of 2 and m a power of 3.

As a result there exist several constraints between the various parameters:

• prime must be a prime large enough to hold the secrets we plan to share
• share_count must be at least secret_count + threshold (the reconstruction limit)
• secret_count + threshold + 1 must be a power of 2
• share_count + 1 must be a power of 3
• omega_secrets must be a (secret_count + threshold + 1)-th root of unity
• omega_shares must be a (share_count + 1)-th root of unity

An optional paramgen feature provides methods for finding suitable parameters satisfying these somewhat complex requirements, in addition to several fixed parameter choices.

Fields

threshold: usize

Maximum number of shares that can be known without exposing the secrets (privacy threshold).

share_count: usize

Number of shares to split the secrets into.

secret_count: usize

Number of secrets to share together.

prime: i64

Prime defining the Zp field in which computation is taking place.

omega_secrets: i64

m-th principal root of unity in Zp, where m = secret_count + threshold + 1 must be a power of 2.

omega_shares: i64

n-th principal root of unity in Zp, where n = share_count + 1 must be a power of 3.

Methods

impl PackedSecretSharing

fn reconstruct_limit(&self) -> usize

Minimum number of shares required to reconstruct secrets.

For this scheme this is always secret_count + threshold

fn share(&self, secrets: &[i64]) -> Vec<i64>

Generate share_count shares for the secrets vector.

The length of secrets must be secret_count. It is safe to pad with anything, including zeros.

fn reconstruct(&self, indices: &[usize], shares: &[i64]) -> Vec<i64>

Reconstruct the secrets from a large enough subset of the shares.

indices are the ranks of the known shares as output by the share method, while values are the actual values of these shares. Both must have the same number of elements, and at least reconstruct_limit.

The resulting vector is of length secret_count.

Trait Implementations

impl Debug for PackedSecretSharing

fn fmt(&self, __arg_0: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Copy for PackedSecretSharing

impl Clone for PackedSecretSharing

fn clone(&self) -> PackedSecretSharing

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl PartialEq for PackedSecretSharing

fn eq(&self, __arg_0: &PackedSecretSharing) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, __arg_0: &PackedSecretSharing) -> bool

This method tests for !=.