-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Split method generating duplicate shares sometimes #20
Comments
@nalo26 Hi there! That's a good catch there. Thanks for raising the issue. We'll take a look at it as soon as we can and attempt on a fix for it. |
Hey @nalo26, The domain of the x_coordinates should be in the open interval [0, 256) and we need 256 unique We found that we need to generate a random shuffle of I ran the unit tests multiple times, similar to your script, and couldn't find a duplicate with the split. Please check the MR and comment if you're good with it. Thanks, |
* fix: ensure unique x-coordinates with sampling * test for unique parts * refactor: manually generate unique coordinates * test: assert the hex of parts after split * fix: proposal to use constant time sampling * fix: we just need uniqueness in shuffling * chore: code cleanup * chore: code cleanup * chore: remove unnecessary array reversal. --------- Co-authored-by: Srigovind Nayak <sgovind.dev@outlook.com>
Alright, that's a good fix ! Thanks @sidsbrmnn @konidev20, but i'm afraid there still is an issue : File "pyshamir/shamir.py", line 85, in split
output[i][len(secret)] = int(x_coordinates[i]) + 1
ValueError: byte must be in range(0, 256) Before the fix, the With the fix, this is now generating a list of 256 values in the open interval I managed to fix this little issue by removing the Thanks for having addressed the issue that fast ! After this little fix, is it possible for you to create a new release ? It would be more convenient for me to update with pip instead of editing the sources ! |
Hey @nalo26, thank you for your continued help to improve this package. I have raised another MR. Please share with us your script you're testing this package with. |
@konidev20 Here's the code i'm using: import pyshamir
import random
from Crypto.PublicKey import RSA
from tqdm import tqdm
PARTS = 3
THRESHOLD = 2
def main():
for _ in tqdm(range(1000)):
rsa_key = RSA.generate(2048)
base_pk = rsa_key.export_key("PEM")
# Splitting private key
shares = pyshamir.split(base_pk, PARTS, THRESHOLD)
shares_hex = [share.hex() for share in shares]
# Reforming private key
shares_bytes = [bytes.fromhex(share) for share in shares_hex]
shares_rdm = random.sample(shares_bytes, k=THRESHOLD)
reformed_pk = pyshamir.combine(shares_rdm)
assert base_pk == reformed_pk
if __name__ == "__main__":
main() It's a simply version of my needs: Generating a RSA secret key, splitting it with the module, exporting the shares as hexadecimals numbers to be given, before reforming all of it back. Thanks again for the fixes! |
Hey @nalo26, we will do a release shortly by this weekend I reckon. Thanks |
Hey @nalo26, you can find the latest release here : https://pypi.org/project/pyshamir/ Thanks & Regards, |
Description of the issue
I need to use this module for sharing a secret key. To ensure the good working of it, I created a test function that generate a random key, split it in shares (3 parts and 2 thresholds), and then combining it back.
For some reason, it appears that sometimes I got the error
Duplicate sample
when combining the keys. In fact, 2 of my keys are exactly the same.After a bit of investigating, I found out that it is caused by
x_coordinates
when generating the shares. If a number is duplicated in theparts
firsts values (whereparts = 3
in my case), then the shares at index of those duplicates will be the same.Expected behaviour
Shares are all different
Random bad behaviour
Some shares are exactly the same
To Reproduce
Steps to reproduce the behaviour:
shamir.py
line 77x_coordinates = [secrets.randbelow(255) for _ in range(1, 256)]
with some random numbers, except that there's a duplicate in the 3 firsts one. For example (notice the two1
at the beginning of the list) :1
in the list), and share 3 will be fineHow to resolve
I think that to solve this problem, the solution is as simple as ensure that the
parts
first numbers of thisx_coordinates
are unique. But as I don't know the deep working of this, I don't wanted to make a pull request.Desktop
The text was updated successfully, but these errors were encountered: