Sintrastes/LynCrypt

A Haskell library and executable for a Chinese remainder theorem based theshold secret sharing scheme.

LynCrypt

LynCyrpt is both a Haskell library and an executable, which implements a variant of the Asmuth-Bloom cryptosystem; a secret sharing scheme based on the Chinese remainder theorem.

Installation

LynCrypt is distributed as a cabal package, so if you already have a recent version of the Haskell platform installed, simply clone and cd into this repo, then cabal install.

Usage

The first two arguments to the lyncrypt binary are always n and k, respectively, where n is the number of shares generated, and k is the number of shares required to recover the secret (meaning 1 <= k <= n).

In order to encrypt a file, we specify a file name of the message to encrypt with the --encrypt flag, then a list of output file names, one "m0" (which is always the first argument to the --output flag) and n shares.

lyncrypt n k --encrypt message --output m0 file_1 ... file_n

The "m0" is an artifact of the Asmuth-Bloom cryptosystem, if you really only want a scheme with n shares where the secret can only be recovered if and only if k or more shares are present, you can distribute the m0 file amongst all of the share-holders. However, you could also treat the m0 as it's own independent share, which makes for a security scheme in which to recover the secret, at least k of the n shares, and the m0 key are needed to recover the secret. With such a scheme, the holder of m0 can be thought of intuitively as the "gatekeeper" of the secret -- even if all of the other n shares have gathered to recover the secret, they still cannot do it without the m0 key, regardless of the threshold value k chosen.

To decrypt, simply call lyncrypt with the --decrypt flag, with m_0 as the first argument, and the keys as the other arguments, and pass the name of the file you would like to output the secret to as an argument to the --output flag.

lyncrypt n k --decrypt m0 file_1 ... file_n --output output_file

*** Special Flags

By default, LynCrypt uses a binary serialization format as output, this can be changed to a more human-readable format by passing the --readable flag.

Feature Ideas

• Function sharing support, (possibly as described in this paper.
• Support for Mignotte's threshold secret sharing scheme
• Support for other secret sharing systems.

Disclaimer

This is experimental software in a very early stage of development, and has not been formally verified, nor audited by security professionals -- use at your own risk, see LICENSE for full disclaimer and copyright information.

Also keep in mind that LynCrypt does not yet support function sharing, meaning that the secret sharing it implements is really not much more than a novelty at this point, because the shares muse be computed in one central place (function sharing is not yet supported), so whoever computes and distributes the shares will have full access to the secret. However, this still could be useful for adding an interesting element to a cryptography based challenge, which is part of the reason I created LynCrypt.

Important Note (bug)

Currently when using some k combinations of the n shares to recover the secret, sometimes the secret is not fully recovered, so the full threshold secret sharing scheme doesn't work perfectly yet, for unclear reasons.