Skip to content

timtiemens/secretshare

Repository files navigation

Shamir's Secret Share in Java


Java implementation of Shamir's Secret Sharing algorithm as described in Applied Cryptography [as LaGrange Interpolating Polynomial Scheme].


Table of contents

Dependencies

The following are required to run the application in secretshare.jar:

  1. jre 11 (LTS)

The following are used to compile the project:

  1. jdk 11 (LTS)
  2. gradlew (uses gradle 5.6.2)

The following are used to completely build and test the project:

  1. JUnit 4.x This is needed for the (Unit and Integration) Test .java files to compile.

Note: the last version of this library to support jdk 1.6 (and jdk 8) was 1.4.4 - see SecretShare 1.4.4 Release Tag or SecretShare 1.4.4 Maven Central. It is sad to let 1.6 go, but Java SE 6 was released in 2006, and EOL'd in 2013. Java SE 8 was released in 2014, and EOL'd in 2019/Jan.

Build

  1. Compile locally - build the project with gradlew (gradle wrapper)
    $ ./gradlew build
  [creates build/libs/secretshare-1.4.4.jar]
    $ cp build/libs/secretshare-1.4.4.jar ./secretshare.jar
  [copies the .jar into the current directory]

Officially Released Artifact

  1. Use the artifact in your build - dependency information:
      group:   com.tiemens
       name:   secretshare
    version:   1.4.4

Central Repository - SecretShare 1.4.4 - to see dependency information formatted for Maven, Ivy, Grape, Gradle, Buildr, etc.

Architecture Documentation

See Architecture.md

Use

There are two main ways to use the application: split and combine. Split takes a secret (number or string) and splits it into 'n' shares. Combine takes 'k' of 'n' shares and re-creates the secret (number or string).

a. split - To display usage:

$ java -jar secretshare.jar split

b. combine - To display usage:

$ java -jar secretshare.jar combine

Examples of command line invocations

a. Create a share size 6 with threshold 3 with "Cat" as the secret string. Note: the low modulus of 16639793 limits the size of the secret number, which in turn limits the length of the secret string.
$ java -jar secretshare.jar split -k 3 -n 6 -m 16639793 -sS "Cat"
Sample output
Secret Share version 1.4.5-SNAPSHOT
Date                          : 2019-11-17 19:50:36
UUID                          : f8d4ec0b-f3e0-4946-af1c-6142477beb04
n = 6
k = 3
modulus = 16639793
modulus = bigintcs:fde731-829FB0

Share (x:1) = 9140967
Share (x:2) = 4154189
Share (x:3) = 6095319
Share (x:4) = 14964357
Share (x:5) = 14121510
Share (x:6) = 3566778
Share (x:1) = bigintcs:8b7ae7-32F939
Share (x:2) = bigintcs:3f634d-23AA55
Share (x:3) = bigintcs:5d01d7-DB6BF4
Share (x:4) = bigintcs:e45685-F8C8D8
Share (x:5) = bigintcs:d77a26-22E9B6
Share (x:6) = bigintcs:366cba-B203FC
b. Create a share size 6 with threshold 3 as above, but pipes the output of "split" to the input of "combine", which then re-creates the secret number and the secret string "Cat".
$ java -jar secretshare.jar split -k 3 -n 6 -m 16639793 -sS "Cat" \
 | java -jar secretshare.jar combine -stdin
Sample output
Secret Share version 1.4.5-SNAPSHOT
secret.number = '4415860'
secret.string = 'Cat'
c. Create a share size 6 with threshold 3 as above, but with a long secret string. Note: no modulus was given, so a pre-defined 384-bit prime was used as the modulus. The 384 bit prime allows 48 characters of secret string.
$ java -jar secretshare.jar split -k 3 -n 6 -sS "The Cat In The Hat"
Sample output
Secret Share version 1.4.5-SNAPSHOT
Date                          : 2019-11-17 19:50:36
UUID                          : 613a4311-e093-4ad3-af1a-fcc0d277ac03
n = 6
k = 3
modulus = 83085671664126938805092614721037843700776366159998897420433674117190444262260240009907206384693584652377753448639527
modulus = bigintcs:000002-1bd189-52959f-874f79-3d6cf5-11ac82-e6cea4-46c19c-5f523a-5318c7-e0f379-66f9e1-308c61-2d8d0b-dba253-6f54b0-ec6c27-3198DB

Share (x:1) = 15979896060676809512661644548376824098571574
Share (x:2) = 37851134048919502035795818694391308922347316
Share (x:3) = 72966669768703432152038843640464501050126190
Share (x:4) = 121326503220028599861390719386596400481908196
Share (x:5) = 182930634402895005163851445932787007217693334
Share (x:6) = 257779063317302648059421023279036321257481604
Share (x:1) = bigintcs:b770b1-a12533-044603-85c735-15cdfe-23c536-334367
Share (x:2) = bigintcs:000001-b2827c-516208-007f06-58d30f-cc5652-d75f34-FC877B
Share (x:3) = bigintcs:000003-459dc5-30f9e0-68cb51-e743e4-8bfe1e-632f6e-741FFD
Share (x:4) = bigintcs:000005-70c28c-3fecbc-3d2ae6-3119b3-54c560-c735e4-701AA3
Share (x:5) = bigintcs:000008-33f0d1-7e3a9b-7d9dc3-36547c-26ac1a-037296-331AD8
Share (x:6) = bigintcs:00000b-8f2894-ebe37e-2a23e8-f6f43f-01b24a-17e584-4FA6BF
d. Create the same share as above, then pipes the output of "split" into the input of "combine", which prints out the secret string.
$ java -jar secretshare.jar split -k 3 -n 6 -sS "The Cat In The Hat" \
 | java -jar secretshare.jar combine -stdin
Sample output
Secret Share version 1.4.5-SNAPSHOT
secret.number = '7352955803975354582636321202421046578798964'
secret.string = 'The Cat In The Hat'
e. Create the same share as above, but use a pre-defined 4096 bit prime modulus. The 4096 bit prime allows 512 characters of secret string.
$ java -jar secretshare.jar split -k 3 -n 6 -prime4096 \
    -sS "The Cat In The Hat 4096bits"
Sample output
Secret Share version 1.4.5-SNAPSHOT
Date                          : 2019-11-17 19:50:36
UUID                          : 100b5d58-de91-4c07-a885-5f75e5221b7a
n = 6
k = 3
modulus = 16710222102610440107068043371465990121279427984758140486147735732543262527544919309581228990959960933454241707431028205407801175010972697716211777405621844447135311624699359973445785442150139493030849120189695139622021101430363403930757354949513385879948926539292859265140544779841897745831487644537568464106991023630108604575150490083044175049593271254925175508848427143088944400255558397883427448667101368958164663781091806630951947745404989962231943601603024661584134672986801498693341608816527553412312812319737861910590928243420749213395009469338508019541095885541890008803615972806597516557801530791875113872380904094611929773211709366081401737953645348323163171237010704282848106803127761278746182709924566001996544238514546167359724648214393784828708337709298145449348366148476664877596527269176552273043572304982318495803088033967414331004526063175049856118607130798717168809146278034477061142090096734446658190827333485703051687166399550428503452215571581604276048958396735937452791507228393997083495197879290548002853265127569910930648812921091549545147941972750158605112325079312039054825870573986374161254590876872367709717423642369650017374448020838615475035626771463864178105646732507808534977443900875333446450467047221
modulus = bigintcs:100000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000735-4C590B

Share (x:1) = 91752672387558663698721782356024071282508657852444695946742526970
Share (x:2) = 204968951434685892719162234036593454023843227633551926647678380915
Share (x:3) = 374372189180096726717873608206141372282215456071890313806913084126
Share (x:4) = 599962385623791165694855904864667826057625343167459857424446636603
Share (x:5) = 881739540765769209650109124012172815350072888920260557500279038346
Share (x:6) = 1219703654606030858583633265648656340159558093330292414034410289355
Share (x:1) = bigintcs:df09d4-054225-6fb1a8-688740-13ab72-143919-1810cf-281fc0-14f3fa-912D2D
Share (x:2) = bigintcs:000001-f2407d-db3c5d-91a424-eae5dd-b49ed8-07ade1-a21d44-eddb72-152b73-AC902A
Share (x:3) = bigintcs:000003-8e0c62-a23209-d9f7be-f53c2d-4b3f52-22bfcd-be5991-8a6978-6a1ade-BD8311
Share (x:4) = bigintcs:000005-b26d82-5a232a-48ac76-878a2e-d78ce0-656edd-6cc5b4-fdc9d3-13c23b-0D6058
Share (x:5) = bigintcs:000008-5f63dd-030fbe-ddc24b-a1cfe2-598782-cfbb10-ad61af-47fc82-12218a-6E1783
Share (x:6) = bigintcs:00000b-94ef72-9cf7c7-99393e-440d47-d12f39-61a467-802d80-690185-6538cb-0E9BF8
f. Create the same share as above, but output in a manner better suited for physically splitting up the shares in order to give them out individually with all required information.
$ java -jar secretshare.jar split -k 3 -n 6 -prime4096 \
    -sS "The Cat In The Hat 4096bits" -printIndiv
Sample output
Secret Share version 1.4.5-SNAPSHOT
Date                          : 2019-11-17 19:50:36
UUID                          : 776b3f86-e58a-4c2f-8c54-0d9ef2972bbf
n = 6
k = 3
modulus = 16710222102610440107068043371465990121279427984758140486147735732543262527544919309581228990959960933454241707431028205407801175010972697716211777405621844447135311624699359973445785442150139493030849120189695139622021101430363403930757354949513385879948926539292859265140544779841897745831487644537568464106991023630108604575150490083044175049593271254925175508848427143088944400255558397883427448667101368958164663781091806630951947745404989962231943601603024661584134672986801498693341608816527553412312812319737861910590928243420749213395009469338508019541095885541890008803615972806597516557801530791875113872380904094611929773211709366081401737953645348323163171237010704282848106803127761278746182709924566001996544238514546167359724648214393784828708337709298145449348366148476664877596527269176552273043572304982318495803088033967414331004526063175049856118607130798717168809146278034477061142090096734446658190827333485703051687166399550428503452215571581604276048958396735937452791507228393997083495197879290548002853265127569910930648812921091549545147941972750158605112325079312039054825870573986374161254590876872367709717423642369650017374448020838615475035626771463864178105646732507808534977443900875333446450467047221
modulus = bigintcs:100000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000735-4C590B
Share (x:1) = 91752672387558663698721782356024071282508657852444695946742526970
Share (x:1) = bigintcs:df09d4-054225-6fb1a8-688740-13ab72-143919-1810cf-281fc0-14f3fa-912D2D
^LSecret Share version 1.4.5-SNAPSHOT
Date                          : 2019-11-17 19:50:36
UUID                          : 776b3f86-e58a-4c2f-8c54-0d9ef2972bbf
n = 6
k = 3
modulus = 16710222102610440107068043371465990121279427984758140486147735732543262527544919309581228990959960933454241707431028205407801175010972697716211777405621844447135311624699359973445785442150139493030849120189695139622021101430363403930757354949513385879948926539292859265140544779841897745831487644537568464106991023630108604575150490083044175049593271254925175508848427143088944400255558397883427448667101368958164663781091806630951947745404989962231943601603024661584134672986801498693341608816527553412312812319737861910590928243420749213395009469338508019541095885541890008803615972806597516557801530791875113872380904094611929773211709366081401737953645348323163171237010704282848106803127761278746182709924566001996544238514546167359724648214393784828708337709298145449348366148476664877596527269176552273043572304982318495803088033967414331004526063175049856118607130798717168809146278034477061142090096734446658190827333485703051687166399550428503452215571581604276048958396735937452791507228393997083495197879290548002853265127569910930648812921091549545147941972750158605112325079312039054825870573986374161254590876872367709717423642369650017374448020838615475035626771463864178105646732507808534977443900875333446450467047221
modulus = bigintcs:100000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000735-4C590B
Share (x:2) = 204968951434685892719162234036593454023843227633551926647678380915
Share (x:2) = bigintcs:000001-f2407d-db3c5d-91a424-eae5dd-b49ed8-07ade1-a21d44-eddb72-152b73-AC902A
^LSecret Share version 1.4.5-SNAPSHOT
Date                          : 2019-11-17 19:50:36
UUID                          : 776b3f86-e58a-4c2f-8c54-0d9ef2972bbf
n = 6
k = 3
modulus = 16710222102610440107068043371465990121279427984758140486147735732543262527544919309581228990959960933454241707431028205407801175010972697716211777405621844447135311624699359973445785442150139493030849120189695139622021101430363403930757354949513385879948926539292859265140544779841897745831487644537568464106991023630108604575150490083044175049593271254925175508848427143088944400255558397883427448667101368958164663781091806630951947745404989962231943601603024661584134672986801498693341608816527553412312812319737861910590928243420749213395009469338508019541095885541890008803615972806597516557801530791875113872380904094611929773211709366081401737953645348323163171237010704282848106803127761278746182709924566001996544238514546167359724648214393784828708337709298145449348366148476664877596527269176552273043572304982318495803088033967414331004526063175049856118607130798717168809146278034477061142090096734446658190827333485703051687166399550428503452215571581604276048958396735937452791507228393997083495197879290548002853265127569910930648812921091549545147941972750158605112325079312039054825870573986374161254590876872367709717423642369650017374448020838615475035626771463864178105646732507808534977443900875333446450467047221
modulus = bigintcs:100000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000735-4C590B
Share (x:3) = 374372189180096726717873608206141372282215456071890313806913084126
Share (x:3) = bigintcs:000003-8e0c62-a23209-d9f7be-f53c2d-4b3f52-22bfcd-be5991-8a6978-6a1ade-BD8311
^LSecret Share version 1.4.5-SNAPSHOT
Date                          : 2019-11-17 19:50:36
UUID                          : 776b3f86-e58a-4c2f-8c54-0d9ef2972bbf
n = 6
k = 3
modulus = 16710222102610440107068043371465990121279427984758140486147735732543262527544919309581228990959960933454241707431028205407801175010972697716211777405621844447135311624699359973445785442150139493030849120189695139622021101430363403930757354949513385879948926539292859265140544779841897745831487644537568464106991023630108604575150490083044175049593271254925175508848427143088944400255558397883427448667101368958164663781091806630951947745404989962231943601603024661584134672986801498693341608816527553412312812319737861910590928243420749213395009469338508019541095885541890008803615972806597516557801530791875113872380904094611929773211709366081401737953645348323163171237010704282848106803127761278746182709924566001996544238514546167359724648214393784828708337709298145449348366148476664877596527269176552273043572304982318495803088033967414331004526063175049856118607130798717168809146278034477061142090096734446658190827333485703051687166399550428503452215571581604276048958396735937452791507228393997083495197879290548002853265127569910930648812921091549545147941972750158605112325079312039054825870573986374161254590876872367709717423642369650017374448020838615475035626771463864178105646732507808534977443900875333446450467047221
modulus = bigintcs:100000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000735-4C590B
Share (x:4) = 599962385623791165694855904864667826057625343167459857424446636603
Share (x:4) = bigintcs:000005-b26d82-5a232a-48ac76-878a2e-d78ce0-656edd-6cc5b4-fdc9d3-13c23b-0D6058
^LSecret Share version 1.4.5-SNAPSHOT
Date                          : 2019-11-17 19:50:36
UUID                          : 776b3f86-e58a-4c2f-8c54-0d9ef2972bbf
n = 6
k = 3
modulus = 16710222102610440107068043371465990121279427984758140486147735732543262527544919309581228990959960933454241707431028205407801175010972697716211777405621844447135311624699359973445785442150139493030849120189695139622021101430363403930757354949513385879948926539292859265140544779841897745831487644537568464106991023630108604575150490083044175049593271254925175508848427143088944400255558397883427448667101368958164663781091806630951947745404989962231943601603024661584134672986801498693341608816527553412312812319737861910590928243420749213395009469338508019541095885541890008803615972806597516557801530791875113872380904094611929773211709366081401737953645348323163171237010704282848106803127761278746182709924566001996544238514546167359724648214393784828708337709298145449348366148476664877596527269176552273043572304982318495803088033967414331004526063175049856118607130798717168809146278034477061142090096734446658190827333485703051687166399550428503452215571581604276048958396735937452791507228393997083495197879290548002853265127569910930648812921091549545147941972750158605112325079312039054825870573986374161254590876872367709717423642369650017374448020838615475035626771463864178105646732507808534977443900875333446450467047221
modulus = bigintcs:100000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000735-4C590B
Share (x:5) = 881739540765769209650109124012172815350072888920260557500279038346
Share (x:5) = bigintcs:000008-5f63dd-030fbe-ddc24b-a1cfe2-598782-cfbb10-ad61af-47fc82-12218a-6E1783
^LSecret Share version 1.4.5-SNAPSHOT
Date                          : 2019-11-17 19:50:36
UUID                          : 776b3f86-e58a-4c2f-8c54-0d9ef2972bbf
n = 6
k = 3
modulus = 16710222102610440107068043371465990121279427984758140486147735732543262527544919309581228990959960933454241707431028205407801175010972697716211777405621844447135311624699359973445785442150139493030849120189695139622021101430363403930757354949513385879948926539292859265140544779841897745831487644537568464106991023630108604575150490083044175049593271254925175508848427143088944400255558397883427448667101368958164663781091806630951947745404989962231943601603024661584134672986801498693341608816527553412312812319737861910590928243420749213395009469338508019541095885541890008803615972806597516557801530791875113872380904094611929773211709366081401737953645348323163171237010704282848106803127761278746182709924566001996544238514546167359724648214393784828708337709298145449348366148476664877596527269176552273043572304982318495803088033967414331004526063175049856118607130798717168809146278034477061142090096734446658190827333485703051687166399550428503452215571581604276048958396735937452791507228393997083495197879290548002853265127569910930648812921091549545147941972750158605112325079312039054825870573986374161254590876872367709717423642369650017374448020838615475035626771463864178105646732507808534977443900875333446450467047221
modulus = bigintcs:100000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000735-4C590B
Share (x:6) = 1219703654606030858583633265648656340159558093330292414034410289355
Share (x:6) = bigintcs:00000b-94ef72-9cf7c7-99393e-440d47-d12f39-61a467-802d80-690185-6538cb-0E9BF8
g. Combine 3 shares to recreate the original secret. Note: it is important that the -prime argument is specified before -s arguments.
$ java -jar secretshare.jar combine -k 3 -prime384 \
    -s2 37851134048919502035795818694391308922347316 \
    -s4 121326503220028599861390719386596400481908196 \
    -s5 182930634402895005163851445932787007217693334
Sample output
Secret Share version 1.4.5-SNAPSHOT
secret.number = '7352955803975354582636321202421046578798964'
secret.string = 'The Cat In The Hat'
h. Combine 4 shares, 3 good and 1 bad, using paranoid combination option.
$ java -jar secretshare.jar combine -k 3 -prime384 \
    -paranoid 4 \
    -s2 1882356874773438980155973947620693982153929916 \
    -s3 12345678912345678912345678912345678 \
    -s4 1882357204724127580025723830249209987221192644 \
    -s5 1882357444072759374568880025530775541595539408
Sample output
Secret Share version 1.4.5-SNAPSHOT
secret.number = null
secret.string = null
paranoid.totalAvailable = 4
paranoid.allowedCount = 4
paranoid.count = 4
paranoid.summary = Disagreement (4 different answers)
combine.1 = x1 = 83085671664126938805092614721037843700776366159998897420433674117190427321046833708006542535573073222337983827443095 - (validUTF8=false) = '^B^[\321\211R\357\277\275\357\277\275\357\277\Oy=l\357\277\275^Q\357\277\275\357\277\275\357\277\275\316\244F\357\277\275\357\277\275_R:S^X\357\277\275\357\277\275\357\277\275\357\277\275\357\277\275b=\357\277\275j\357\277\275\357\277\275{\357\277\275\357\277\275r\357\277\275\357\277\275^Z^P\357\277\275}\357\277\275'
combine.2 = x1 = 16941212862714251189714249745173028423288392004 - (validUTF8=false) = '^B\357\277\275\357\277\275\357\277\275]\357\277\275O\357\277\275^FgT\357\277\275&\357\277\275\357\277\275\312\211D'
combine.3 = x1 = 11294141817878225880787021369072517057803460598 - (validUTF8=false) = '^A\357\277\275rc\357\277\275\357\277\275\357\277\275\357\277\275\357\277\275 \311\240>\357\277\275a\357\277\275{\357\277\275^_\357\277\275'
combine.4 = x1 = 1882356743151517032574974075571664781995241588 - (validUTF8=true) = 'TheKeyUsedToEncrypt'
i. Combine shares, showing examples for the -paranoid argument. Control how many extra combines to run (110), how many to print (4), and stop when an answer has been seen at least this many times (30). Use the -paranoid option if you (1) have extra shares and (2) some of your shares are corrupt.
$ java -jar secretshare.jar combine -k 3 -m 16639793 \
    -paranoid 110,limitPrint=4,stopCombiningWhenAnyCount=30 \
    -s1 7210616 -s2 11715382 -s3 4444444 -s4 9215151 -s5 2210154 \
    -s6 13554960 -s7 9969983 -s8 8095016 -s9 7654321 -s10 1234567
Sample output
Secret Share version 1.4.5-SNAPSHOT
secret.number = null
secret.string = null
paranoid.totalAvailable = 120
paranoid.allowedCount = 110
paranoid.count = 92
paranoid.summary = Disagreement (60 different answers)
combine.1 = x30 = 4415860 - (validUTF8=true) = 'Cat'
combine.2 = x3 = 4140122 - (validUTF8=true) = '?,Z'
combine.3 = x2 = 269137 - (validUTF8=true) = '^D^[Q'
combine.4 = x1 = 16592886 - (validUTF8=false) = '^@\357\277\275\/\357\277\275'
j. Print information about Secret Share, including version, 192 bit, 384 bit, 4096 bit and 8192 bit primes.
$ java -jar secretshare.jar info
Sample output
Secret Share version 1.4.5-SNAPSHOT
Modulus 192 bits = 14976407493557531125525728362448106789840013430353915016137
Modulus 192 bits = bigintcs:000002-62c8fd-6ec81b-3c0584-136789-80ad34-9269af-da237f-8ff3c9-12BCCD
Modulus 384 bits = 83085671664126938805092614721037843700776366159998897420433674117190444262260240009907206384693584652377753448639527
Modulus 384 bits = bigintcs:000002-1bd189-52959f-874f79-3d6cf5-11ac82-e6cea4-46c19c-5f523a-5318c7-e0f379-66f9e1-308c61-2d8d0b-dba253-6f54b0-ec6c27-3198DB
Modulus 4096 bits = 16710222102610440107068043371465990121279427984758140486147735732543262527544919309581228990959960933454241707431028205407801175010972697716211777405621844447135311624699359973445785442150139493030849120189695139622021101430363403930757354949513385879948926539292859265140544779841897745831487644537568464106991023630108604575150490083044175049593271254925175508848427143088944400255558397883427448667101368958164663781091806630951947745404989962231943601603024661584134672986801498693341608816527553412312812319737861910590928243420749213395009469338508019541095885541890008803615972806597516557801530791875113872380904094611929773211709366081401737953645348323163171237010704282848106803127761278746182709924566001996544238514546167359724648214393784828708337709298145449348366148476664877596527269176552273043572304982318495803088033967414331004526063175049856118607130798717168809146278034477061142090096734446658190827333485703051687166399550428503452215571581604276048958396735937452791507228393997083495197879290548002853265127569910930648812921091549545147941972750158605112325079312039054825870573986374161254590876872367709717423642369650017374448020838615475035626771463864178105646732507808534977443900875333446450467047221
Modulus 4096 bits = bigintcs:100000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000735-4C590B
Modulus 8192 bits = 279231522718570477942523966651848412786755625471035569262549193264568660953374539575363644038451708729333066699816198469916126929965359120284410819859854028564200012503601405321884115258380340520882394013079459378373602954907987087391050381798882893060582464649164778803202580377606793174221031756238305523801728417330041767401217359965327363800941065035149118936045803200708786247512086542238084017753586024109523236048614557723115585648257171971411582352854028094056289905359934753668545924906214201949630392942663006227207072738059572864458946995442098987135298017199066044684799206646046852007692829583685501822083927579071735457164040393298305467092078136746232403045411490624416360836139009389471599615055083953010222383976037199530343650749295317216621610856318814974339038401628152419869957586845887861406968283393603484693172919144488209043235143942917711597456617030850345093344845985897228637329601259767634683509551299437410250309746800132742906307824914615196564591280851829591037942122046141801113374061071502459843521616519068508840608866142367016446371333344905644939606218218417724015092650576657942326665080385451599873057465726933634139504551380207635732730508948201719784282311694063519119639243736364276253689069434848647101071362100254351086081223103674307034576258686423188956569254966171125838939239921106224566793694393912187263674266535325772507180754537736572272329042950336363370798851143956021690701705567437971039256378548127430749169994462670402156122918017938186142563187105245902896325033680839207188324653847844773975235005076945808128766572234433268495689937486958100390065467437864644075017104695336221543165982790695835615515631994231511431260924853427059238919995356824115989937622769832207704636596283910866202357492467506454291595823775435851401331614913666393860839942086098314120390709421306518971383380559076685994283375663380057764241494257799693167997775692501598019901080423655494004717753331078458159262055518170817180281440517060614547611105545747781301175793208826135138672277976088445981721562249959417511860209657110039278232822620356487671024234137135540726721167743323091920287701321960015105097732434284751017974443861383170363586137823503261214393288044057973810845631331034904805398832430192982926982354654090524982435531180945318487132920328174085989844087121548092990523399171888560553067218681856208752028326977093161880486624111065893663542842180250983316936056087246483576051350441471279745450361783242982069
Modulus 8192 bits = bigintcs:010000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-000000-0002b5-1E18FD

A complete scenario

  # Encrypt the PAYLOAD.
$ cat PAYLOAD.txt
   This is the PAYLOAD
   Generated Wed May  9 19:58:01 CDT 2018
   It has spaces at the front of every line
$ openssl enc -pass pass:TheKeyUsedToEncrypt -aes-256-cbc -salt \
              -in PAYLOAD.txt -out PAYLOAD.enc
$ ls -l PAYLOAD.enc
-rw-r--r--  1 timtiemens  users   128 May  9 19:58 PAYLOAD.enc

  # Create the shares from the key.
  # Use '-printIndiv' to make it easier to distribute the shares.
$ PRINT=-printIndiv
  # For this example, we'll print them all together
$ PRINT=-printOne
$ java -jar secretshare.jar split -k 3 -n 6 -sS "TheKeyUsedToEncrypt" $PRINT
Secret Share version 1.4.4
Date                          : 2018-05-09 19:59:55
UUID                          : 5c1ed0de-b281-49db-890c-4fc12321775a
n = 6
k = 3
modulus = 83085671664126938805092614721037843700776366159998897420433674117190444262260240009907206384693584652377753448639527
modulus = bigintcs:000002-1bd189-52959f-874f79-3d6cf5-11ac82-e6cea4-46c19c-5f523a-5318c7-e0f379-66f9e1-308c61-2d8d0b-dba253-6f54b0-ec6c27-3198DB

Share (x:1) = 5029843236858503316023507982074352651731277871
Share (x:2) = 11756782766980296102287198955234016324659726464
Share (x:3) = 22063175333516895391366046995050655800780587367
Share (x:4) = 35949020936468301183260052101524271080093860580
Share (x:5) = 53414319575834513477969214274654862162599546103
Share (x:6) = 74459071251615532275493533514442429048297643936
Share (x:1) = bigintcs:0000e1-8bc4c6-aff0f0-47d7e4-9c63f3-dceb5a-05182f-086F30
Share (x:2) = bigintcs:00020f-313f50-ea5144-91be7f-eb359a-28850f-c84880-A92812
Share (x:3) = bigintcs:0003dd-58d4ea-149a52-511936-40e438-513093-c30167-AC7697
Share (x:4) = bigintcs:00064c-028592-2ecc19-85e807-9d6fce-56ede5-f542e4-391126
Share (x:5) = bigintcs:00095b-2e5149-38e69a-302af4-00d85c-39bd06-5f0cf7-80574A
Share (x:6) = bigintcs:000d0a-dc380f-32e9d4-4fe1fb-6b1de1-f99df5-005fa0-4C058A

  # Give the keys x:1, x:2, x:3, x:4, x:5 and x:6 away.
  # Give the file PAYLOAD.enc away, or publish it somewhere public.

  #  time passes 

  # Later, somebody acquires 3 shares - for example, x:2, x:4 and x:5 -
  #  and then does this:
 
$ java -jar secretshare.jar combine -k 3 \
   -s2 11756782766980296102287198955234016324659726464 \
   -s4 35949020936468301183260052101524271080093860580 \
   -s5 53414319575834513477969214274654862162599546103
Secret Share version 1.4.4
secret.number = '1882356743151517032574974075571664781995241588'
secret.string = 'TheKeyUsedToEncrypt'

  # Then, using PAYLOAD.enc and the secret.string, recovers the secret PAYLOAD:

$ openssl enc -d -pass pass:TheKeyUsedToEncrypt -aes-256-cbc \
              -in PAYLOAD.enc -out RECOVER.txt
$ cmp PAYLOAD.txt RECOVER.txt 
$ cat RECOVER.txt
   This is the PAYLOAD
   Generated Wed May  9 19:58:01 CDT 2018
   It has spaces at the front of every line

Note on the Modulus

Using a shared modulus is ok - the modulus is NOT secret. You can use a randomly generated prime modulus if you'd like. It just takes longer.

Timing difference:                             Time To Generate Split
a) using -prime4096 on 512-character secret    ==    0.3 seconds
b) using -primeN    on 512-character secret    ==   57.1 seconds

Note on the size of 'k'

N.B.: 'split' is perfectly capable of generating k=100, k=200, even k=1000 in a reasonable amount of time (k=1000 took 35 seconds). Note, however, that for some values of k, you will never [as a matter of practice] be able to recover the original secret from the shares with the secretshare.jar application. For k=1000, perhaps a super computer cluster could solve the matrix and recreate the original secret. Maybe.

SIMPLEX SOLVER (versions 1.4.2 and later)

k seconds minutes years
k = 22 0 seconds
k = 23 0 seconds
k = 24 0 seconds
k = 28 0 seconds
k = 29 0 seconds
k = 30 0.44 seconds
k = 50 2 seconds
k = 75 5 seconds
k = 95 12 seconds
k = 130 47 seconds
k = 180 180 seconds
k = 230 623 seconds
k = 280 1662 seconds 28 minutes
k = 650 - - 1 year
k = 1000 346276986880 seconds - 11,000 years

The formula is roughly "4 times longer for each +50 in k". For k greater than 280, all times are calculated.
k=280 is the last "measured". So, k=280 is a pretty good practical limit, or k=95 for "immediate" results.

N.B.: Earlier versions of secretshare (1.4.1 and earlier) used a very inefficient solving algorithm. For these versions, your "k" is in effect limited to less than k=30, and is probably more like k=20.

ORIGINAL SOLVER (versions 1.4.1 and earlier) Value 'k' versus recorded runtimes to complete the "combine" operation:
k seconds minutes hours days
k = 19 3 seconds
k = 20 10 seconds
k = 21 39 seconds
k = 22 156 seconds
k = 23 646 seconds
k = 24 2460 seconds 41 minutes
k = 25 164 minutes
k = 26 656 minutes 11 hours
k = 27 44 hours
k = 28 176 hours 7.3 days
k = 29 30 days
k = 30 120 days

The formula is roughly 10 * 4^(k - 20) seconds. For k greather than 25, all times are calculated. k=24 is the last "measured". For k = 90, that works out to be = 10 * 4^(90 - 20) = 1E42 seconds. Since a year has ~3E7 seconds, that will never happen. So, k=25 is a pretty good practical limit, or k=20 for "immediate" results.

Additional Documentation

Original Sourceforge Secret Sharing in Java - original SCM location. Out-of-date.

Resources - more links to useful Shamir Secret Share documentation and projects

About

Shamir Secret Sharing in Java

Resources

License

LGPL-2.1, LGPL-2.1 licenses found

Licenses found

LGPL-2.1
LICENSE
LGPL-2.1
license.txt

Stars

Watchers

Forks

Packages

No packages published

Languages