Crate dark_crystal_key_backup_rust

Source
Expand description

Provides encryption of secret shares to specific recipients using crypto_box

Internally uses dark-crystal-secret-sharing-rust, which uses sharks for Shamirs secret sharing and xsalsa20poly1305 for authenticated encryption.

This is part of a work-in-progress Rust implementation of the Dark Crystal Key Backup Protocol.

Structs§

Functions§

  • Combine a set of shares and ciphertext produced by share_authenticated
  • Decrypt a given ciphertext using crypto_box
  • Decrypt a given ciphertext using crypto_box using a given nonce rather than attaching one to the ciphertext
  • Give a recommended threshold value for a given number of shares
  • Encrypt a given message using crypto_box
  • Encrypt a given message using crypto_box using a given nonce rather than generating one
  • Create a set of shares and encrypt them to a given set of public keys
  • Create a set of shares and encrypt them to a given set of public keys but make the shares shorted by using the nonce from the ciphertext when encrypting the shares
  • Encrypt a secret and create shares of its key. This gives authentication so we know whether recovery was successful It also reduces duplication with long (> 32 bytes) secrets, and improves security when using non-uniformly random secrets such as passwords.
  • Gives a threshold ‘sanity’ factor, given a threshold and number of shares 0 is ideal. Positive values represent the level of danger of loosing access to the secret. Negative values represent the level of danger of an attacker gaining it.

Type Aliases§