2016-01-27 06:41:24 -05:00
|
|
|
package ShamirSecretSharing;
|
|
|
|
|
|
|
|
|
|
|
2016-01-27 18:47:07 -05:00
|
|
|
import org.factcenter.qilin.primitives.CyclicGroup;
|
2016-01-27 06:41:24 -05:00
|
|
|
import org.factcenter.qilin.primitives.concrete.Zpstar;
|
|
|
|
|
|
|
|
|
|
import java.math.BigInteger;
|
|
|
|
|
import java.util.Random;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Created by Tzlil on 1/27/2016.
|
2016-01-28 06:57:47 -05:00
|
|
|
* an implementation of Shamire's secret sharing scheme
|
2016-01-27 06:41:24 -05:00
|
|
|
*/
|
|
|
|
|
public class SecretSharing {
|
|
|
|
|
protected final int t;
|
|
|
|
|
protected final int n;
|
2016-01-28 06:57:47 -05:00
|
|
|
protected final BigInteger p;
|
2016-01-27 06:41:24 -05:00
|
|
|
protected final Polynomial polynomial;
|
|
|
|
|
|
2016-01-28 06:57:47 -05:00
|
|
|
/**
|
|
|
|
|
* constructor
|
|
|
|
|
* @param p prime
|
|
|
|
|
* @param t threshold. Any t+1 share holders can recover the secret,
|
|
|
|
|
* but any set of at most t share holders cannot
|
|
|
|
|
* @param n number of share holders
|
|
|
|
|
* @param s secret, chosen from Zp
|
|
|
|
|
* @param random use for generate random polynomial
|
|
|
|
|
*/
|
|
|
|
|
public SecretSharing(BigInteger p, int t, int n, BigInteger s, Random random) {
|
|
|
|
|
this.p = p;
|
2016-01-27 06:41:24 -05:00
|
|
|
this.t = t;
|
|
|
|
|
this.n = n;
|
|
|
|
|
this.polynomial = generateRandomPolynomial(s,random);
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-28 06:57:47 -05:00
|
|
|
/**
|
|
|
|
|
* @param s
|
|
|
|
|
* @param random
|
|
|
|
|
* @return new Polynomial polynomial of degree t ,such that
|
|
|
|
|
* 1. polynomial(0) = s
|
|
|
|
|
* 2. polynomial coefficients randomly chosen from Zp (except of coefficients[0] = s)
|
|
|
|
|
*/
|
2016-01-27 06:41:24 -05:00
|
|
|
private Polynomial generateRandomPolynomial(BigInteger s, Random random) {
|
|
|
|
|
BigInteger[] coefficients = new BigInteger[t + 1];
|
|
|
|
|
coefficients[0] = s;
|
2016-01-27 18:47:07 -05:00
|
|
|
int bits = p.bitLength();
|
2016-01-27 06:41:24 -05:00
|
|
|
for (int i = 1 ; i <= t; i++ ){
|
2016-01-28 06:57:47 -05:00
|
|
|
coefficients[i] = new BigInteger(bits,random).mod(p);
|
2016-01-27 06:41:24 -05:00
|
|
|
}
|
|
|
|
|
return new Polynomial(coefficients);
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-27 18:47:07 -05:00
|
|
|
//ToDo make it safe : permission to call this func
|
2016-01-28 06:57:47 -05:00
|
|
|
/**
|
|
|
|
|
* @param i in range of [1,...n]
|
|
|
|
|
*
|
|
|
|
|
* @return polynomial.image(i)
|
|
|
|
|
*
|
|
|
|
|
* @throws Exception i out of range
|
|
|
|
|
*/
|
2016-01-27 06:41:24 -05:00
|
|
|
public Polynomial.Point getShare(int i) throws Exception {
|
|
|
|
|
if(i < 1 || i > n){
|
|
|
|
|
throw new Exception();
|
|
|
|
|
}
|
2016-01-28 06:57:47 -05:00
|
|
|
return new Polynomial.Point(BigInteger.valueOf(i), polynomial);
|
2016-01-27 06:41:24 -05:00
|
|
|
}
|
|
|
|
|
|
2016-01-28 06:57:47 -05:00
|
|
|
/**
|
|
|
|
|
* @param shares - subset of the original shares
|
|
|
|
|
*
|
|
|
|
|
* @return image of interpolation(shares) at x = 0
|
|
|
|
|
*/
|
2016-01-27 06:41:24 -05:00
|
|
|
public static BigInteger getSecrete(Polynomial.Point[] shares){
|
|
|
|
|
Polynomial polynomial = Polynomial.interpolation(shares);
|
|
|
|
|
return polynomial.image(BigInteger.ZERO);
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-28 06:57:47 -05:00
|
|
|
/**
|
|
|
|
|
* getter
|
|
|
|
|
* @return threshold
|
|
|
|
|
*/
|
2016-01-27 06:41:24 -05:00
|
|
|
public int getThreshold() {
|
|
|
|
|
return t;
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-28 06:57:47 -05:00
|
|
|
/**
|
|
|
|
|
* getter
|
|
|
|
|
* @return number of share holders
|
|
|
|
|
*/
|
2016-01-27 06:41:24 -05:00
|
|
|
public int getN() {
|
|
|
|
|
return n;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|
