vsss-rs 5.4.0

Verifiable Secret Sharing Schemes for splitting, combining and verifying secret shares
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204

//! Share identifiers for secret sharing schemes.

#[cfg(any(feature = "alloc", feature = "std"))]
mod biguint;
mod group_element;
#[cfg(feature = "bigint")]
mod monty_residue;
mod prime_field;
#[cfg(feature = "primitive")]
mod primitive;
#[cfg(feature = "bigint")]
mod residue;
#[cfg(feature = "bigint")]
pub mod uint;
#[cfg(feature = "bigint")]
pub mod uint5;

#[cfg(any(feature = "alloc", feature = "std"))]
pub use biguint::*;
pub use group_element::*;
#[cfg(feature = "bigint")]
pub use monty_residue::*;
pub use prime_field::*;
#[cfg(feature = "primitive")]
pub use primitive::*;
#[cfg(feature = "bigint")]
pub use residue::*;

use crate::*;

use core::{
    fmt::Debug,
    ops::{Add, AddAssign, Deref, DerefMut, Mul, MulAssign, Neg, Sub, SubAssign},
};
#[cfg(feature = "bigint")]
use elliptic_curve::bigint::{Encoding, Random, Zero as CryptoZero};
use rand_core::{CryptoRng, RngCore};
use subtle::Choice;

/// A value used to represent a share element for secret shares.
/// A share element can either be the share identifier or the share value.
pub trait ShareElement:
    Sized
    + Clone
    + Default
    + Debug
    + Eq
    + PartialEq
    + Deref<Target = Self::Inner>
    + DerefMut<Target = Self::Inner>
    + AsRef<Self::Inner>
    + AsMut<Self::Inner>
    + From<Self::Inner>
{
    /// The serialized form of the share element.
    type Serialization: AsRef<[u8]> + AsMut<[u8]> + 'static;
    /// The inner type of the share element.
    type Inner: ShareElementInner;

    /// Generate a random share element.
    fn random(rng: impl RngCore + CryptoRng) -> Self;
    /// Defines an additive identity element for the share identifier.
    fn zero() -> Self;
    /// Defines a multiplicative identity element for the share identifier.
    fn one() -> Self;
    /// Check if the share identifier is zero.
    fn is_zero(&self) -> Choice;
    /// Serialize the share identifier.
    fn serialize(&self) -> Self::Serialization;
    /// Deserialize the share identifier.
    fn deserialize(serialized: &Self::Serialization) -> VsssResult<Self>;
    /// Attempt to convert the byte sequence to a share element.
    fn from_slice(slice: &[u8]) -> VsssResult<Self>;
    #[cfg(any(feature = "alloc", feature = "std"))]
    /// Serialize the share identifier to a byte vector.
    fn to_vec(&self) -> Vec<u8>;
}

/// A share identifier for secret sharing schemes.
pub trait ShareIdentifier: ShareElement<Inner: ShareIdentifierInner> {
    /// Add to the identifier by the increment value.
    fn inc(&mut self, increment: &Self);

    /// Invert the share identifier.
    fn invert(&self) -> VsssResult<Self>;

    /// Draw a polynomial coefficient uniformly at random over the
    /// entire field, *including zero*.
    ///
    /// This exists because `ShareElement::random` is overloaded for
    /// small-field identifiers (GF(256), GF(16)) to return only
    /// non-zero values — non-zero is required for x-coordinates
    /// (f(0) = secret) but biases polynomial coefficients away from
    /// zero, which is exploitable in re-sharing scenarios.
    ///
    /// The default implementation delegates to `ShareElement::random`,
    /// which for prime fields is already uniform over the whole field.
    /// Small fields where `random` is constrained to non-zero must
    /// override this to return a uniform sample over the full field.
    fn random_coefficient(rng: impl RngCore + CryptoRng) -> Self {
        <Self as ShareElement>::random(rng)
    }
}

/// Objects that represent the ability to verify shamir shares
pub trait ShareVerifier<S: Share>:
    ShareElement
    + Copy
    + Add<Output = Self>
    + Sub<Output = Self>
    + AddAssign
    + SubAssign
    + Neg<Output = Self>
    + Mul<S::Identifier, Output = Self>
    + Mul<S::Value, Output = Self>
    + MulAssign<S::Identifier>
    + MulAssign<S::Value>
    + for<'a> Mul<&'a S::Identifier, Output = Self>
    + for<'a> Mul<&'a S::Value, Output = Self>
    + for<'a> MulAssign<&'a S::Identifier>
    + for<'a> MulAssign<&'a S::Value>
{
}

impl<
    S: Share,
    SV: ShareElement
        + Copy
        + Add<Output = Self>
        + Sub<Output = Self>
        + AddAssign
        + SubAssign
        + Neg<Output = Self>
        + Mul<S::Identifier, Output = Self>
        + Mul<S::Value, Output = Self>
        + MulAssign<S::Identifier>
        + MulAssign<S::Value>
        + for<'a> Mul<&'a S::Identifier, Output = Self>
        + for<'a> Mul<&'a S::Value, Output = Self>
        + for<'a> MulAssign<&'a S::Identifier>
        + for<'a> MulAssign<&'a S::Value>,
> ShareVerifier<S> for SV
{
}

/// A share element inner type for secret sharing schemes.
pub trait ShareElementInner:
    Sized
    + Debug
    + Eq
    + PartialEq
    + Clone
    + Default
    + 'static
    + Add<Output = Self>
    + Sub<Output = Self>
    + AddAssign
    + SubAssign
    + for<'a> Add<&'a Self, Output = Self>
    + for<'a> Sub<&'a Self, Output = Self>
    + for<'a> AddAssign<&'a Self>
    + for<'a> SubAssign<&'a Self>
{
}

impl<
    I: Sized
        + Debug
        + Eq
        + PartialEq
        + Clone
        + Default
        + 'static
        + Add<Output = Self>
        + Sub<Output = Self>
        + AddAssign
        + SubAssign
        + for<'a> Add<&'a Self, Output = Self>
        + for<'a> Sub<&'a Self, Output = Self>
        + for<'a> AddAssign<&'a Self>
        + for<'a> SubAssign<&'a Self>,
> ShareElementInner for I
{
}

/// A share identifier inner type for secret sharing schemes.
pub trait ShareIdentifierInner:
    ShareElementInner
    + Mul<Output = Self>
    + MulAssign
    + for<'a> Mul<&'a Self, Output = Self>
    + for<'a> MulAssign<&'a Self>
{
}

impl<
    E: ShareElementInner
        + Mul<Output = Self>
        + MulAssign
        + for<'a> Mul<&'a Self, Output = Self>
        + for<'a> MulAssign<&'a Self>,
> ShareIdentifierInner for E
{
}