Expand description
Secret sharing with authentication
Internally this uses sharks for Shamirs secret sharing.
This is part of a work-in-progress Rust implementation of the Dark Crystal Key Backup Protocol.
Modules§
- encrypt
- Basic authenticated encryption using xsalsa20poly1305
Structs§
- Recovery
Error - Error created when recovery fails
- Share
Error - Error created when share fn fails
Functions§
- combine
- Recover a secret from a given set of shares
- combine_
authenticated - Combine a set of shares and ciphertext produced by share_authenticated
- default_
threshold - Give a recommended threshold value for a given number of shares
- share
- Create a set of shares for a given secret
- share_
authenticated - Encrypt a secret and create shares of its key. This gives authentication so we know whether recovery was successful It also reduces duplication with long (> 32 bytes) secrets, and improves security when using non-uniformly random secrets such as passwords.
- thresold_
sanity - Gives a threshold ‘sanity’ factor, given a threshold and number of shares 0 is ideal. Positive values represent the level of danger of loosing access to the secret. Negative values represent the level of danger of an attacker gaining it.