Crate sskr

Expand description

§Introduction

Sharded Secret Key Reconstruction (SSKR) is a protocol for splitting a secret into a set of shares across one or more groups, such that the secret can be reconstructed from any combination of shares totaling or exceeding a threshold number of shares within each group and across all groups. SSKR is a generalization of Shamir’s Secret Sharing (SSS) that allows for multiple groups and multiple thresholds.

§Getting Started

[dependencies]
sskr = "0.3.2"

§Example

let secret_string = b"my secret belongs to me.";
let secret = Secret::new(secret_string).unwrap();

// Split the secret into 2 groups, the first requiring 2 of three shares
// and the second requiring 3 of 5 shares. A group threshold of 2 is
// specified, meaning that a quorum from both groups are necessary to
// reconstruct the secret.

let group1 = GroupSpec::new(2, 3).unwrap();
let group2 = GroupSpec::new(3, 5).unwrap();
let spec = Spec::new(2, vec![group1, group2]).unwrap();

// The result is a vector of groups, each containing a vector of shares,
// each of which is a vector of bytes.
let shares: Vec<Vec<Vec<u8>>> = sskr_generate(&spec, &secret).unwrap();

assert_eq!(shares.len(), 2);
assert_eq!(shares[0].len(), 3);
assert_eq!(shares[1].len(), 5);

// Now, recover the secret from a quorum of shares from each group.

let recovered_shares = vec![
    // Two shares from the first group.
    shares[0][0].clone(),
    shares[0][2].clone(),

    // Three shares from the second group.
    shares[1][0].clone(),
    shares[1][1].clone(),
    shares[1][4].clone(),
];

let recovered_secret = sskr_combine(&recovered_shares).unwrap();
assert_eq!(recovered_secret, secret);

Structs§

GroupSpec
A specification for a group of shares within an SSKR split.
Secret
A secret to be split into shares.
Spec
A specification for an SSKR split.

Enums§

SSKRError
Errors that can occur when using the SSKR library.

Constants§

MAX_GROUPS_COUNT
The maximum number of groups in a split.
MAX_SECRET_LEN
The maximum length of a secret.
MAX_SHARE_COUNT
The maximum number of shares that can be generated from a secret.
METADATA_SIZE_BYTES
The number of bytes used to encode the metadata for a share.
MIN_SECRET_LEN
The minimum length of a secret.
MIN_SERIALIZE_SIZE_BYTES
The minimum number of bytes required to encode a share.

Functions§

sskr_combine
Combines the given SSKR shares into a Secret.
sskr_generate
Generates SSKR shares for the given Spec and Secret.
sskr_generate_using
Generates SSKR shares for the given Spec and Secret using the provided random number generator.

Crate sskrCopy item path