|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object | +--Secret_Share.ShareUtil
The Share Utilities contain the necessary auxilliary functions of splitting and recovery. These functions can be used in accordance with Jarecki's PSS protocols to achieve proactive secret sharing.
The function for adding two shares works with share renewal (adding shares of zero). Share renewal works in versions .2 and higher.
These share functions can be used for share recovery. As of version .3, share recovery works in a (5,4) scheme at 128 bits.
| Field Summary | |
static int |
RECOVER_COMMIT
A recovery mode, it is used to indicate the recovery of the commitment value. |
static int |
RECOVER_SECRET
A recovery mode, it is used to indicate the recovery of the secret. |
| Constructor Summary | |
ShareUtil()
|
|
| Method Summary | |
static java.math.BigInteger |
calculatePublicVersion(java.math.BigInteger secretShare,
java.math.BigInteger secretCommitment,
java.math.BigInteger p,
java.math.BigInteger g,
java.math.BigInteger h)
This function calculates the public version of a Share. |
static java.math.BigInteger |
evaluatePoly(java.math.BigInteger[] poly,
java.math.BigInteger q,
int x)
This function is crucial to the splitting function. |
static java.math.BigInteger[] |
generateValues(java.security.SecureRandom sr,
int numBits)
Random generates the values: p, q, g and h. |
static java.math.BigInteger |
recover(Share[] shares,
java.math.BigInteger recoverAtX,
int mode)
This method recovers the secret from an array of shares. |
static Share[] |
split(java.math.BigInteger secret,
int n,
int k,
int numBits,
java.math.BigInteger p,
java.math.BigInteger q,
java.math.BigInteger g,
java.math.BigInteger h,
java.math.BigInteger[] commitmentValues)
This is a simplification method used to hide the last argument, r, of the other split method. |
static Share[] |
split(java.math.BigInteger secret,
int n,
int k,
int numBits,
java.math.BigInteger p,
java.math.BigInteger q,
java.math.BigInteger g,
java.math.BigInteger h,
java.math.BigInteger[] commitmentValues,
java.math.BigInteger r)
This is the primary function used to split a secret. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
public static final int RECOVER_SECRET
A recovery mode, it is used to indicate the recovery of the secret.
public static final int RECOVER_COMMIT
A recovery mode, it is used to indicate the recovery of the commitment value.
| Constructor Detail |
public ShareUtil()
| Method Detail |
public static Share[] split(java.math.BigInteger secret,
int n,
int k,
int numBits,
java.math.BigInteger p,
java.math.BigInteger q,
java.math.BigInteger g,
java.math.BigInteger h,
java.math.BigInteger[] commitmentValues)
throws SplitException,
ShareUtilException
This is a simplification method used to hide the last argument, r, of the other split method. All that this method does is call the other split method with r set to null (and therefore ignored).
This method can be used for all normal instances of secret splitting. As it calls the other method, this method has the same properties with respect to the secret being zero (as the first coefficient of g(x) will also be set to zero).
commitmentValues - This should be an empty BigInteger array of length k.secret - The BigInteger representation of the secret.n - The number of shares to generate.k - The threshold of shares required to recover the secret.numBits - The minimum number of bits to use in the randomly generated polynomials (actual bit sizes for shares may be larger).p - The modulus p. It must be a prime number such that q divides (p-1). P is used in verification of shares.q - The modulus q. It must be a prime number fitting the requirement for p. This is the primary prime used in the sharing of the secret.g - G is a member of the subgroup generated by q in the field Z[p]. G is used in the verification of shares.h - H must also be in the same subgroup as g. It is used in verification of shares.
ShareUtilException - Indicates an error with the various other share utilities called by the split function.
SplitException - Indicates an error in the split process. Additional information is available from the exception message.
public static Share[] split(java.math.BigInteger secret,
int n,
int k,
int numBits,
java.math.BigInteger p,
java.math.BigInteger q,
java.math.BigInteger g,
java.math.BigInteger h,
java.math.BigInteger[] commitmentValues,
java.math.BigInteger r)
throws SplitException,
ShareUtilException
This is the primary function used to split a secret. It is called by the other split method.
If the secret is zero, then the first coefficient of G(x) will be set to zero. This is required for Share Renewal.
commitmentValues - This should be an empty BigInteger array of length k.secret - The BigInteger representation of the secret.n - The number of shares to generate.k - The threshold of shares required to recover the secret.numBits - The minimum number of bits to use in the randomly generated polynomials (actual bit sizes for shares may be larger).p - The modulus p. It must be a prime number such that q divides (p-1). P is used in verification of shares.q - The modulus q. It must be a prime number fitting the requirement for p. This is the primary prime used in the sharing of the secret.g - G is a member of the subgroup generated by q in the field Z[p]. G is used in the verification of shares.h - H must also be in the same subgroup as g. It is used in verification of shares.r - The share number (as a BigInteger) of the share that needs to be recovered (during the sub-share operation). If null, then split will assume that no share needs to be recovered.
ShareUtilException - An indication of a problem with the underlying share functions.
SplitException - Indicates an error in the split process. Additional information is available from the exception message.
public static java.math.BigInteger recover(Share[] shares,
java.math.BigInteger recoverAtX,
int mode)
throws RecoverException,
ShareUtilException,
ShareException
This method recovers the secret from an array of shares. The array of shares does not need to be in any particular order and all of the shares will be verified before the recovery.
shares[0] is assumed to be the local share and therefore the combiner knows that it is correct. In the event that the combiner knows that the local share is incorrect, then it should replace share[0] with a previously verified share. The first share will be used as a correct basis for the other shares.
The recovery method can recover either the secret or the commitment value for the secret. The mode indicates which of the two to recover.
If the goal is to recover a specific share, it needs to be done at that x value of the function rather than zero, the x-value of the secret/commitment value. The x-value is represented as a BigInteger and should be null to indicate zero.
Fix: verion .5 specified the necessity of having share 0 not null.
recoverAtX - The BigInteger representation of the desired x value of the share to recover. Use null for zero.mode - Use one of the two recovery modes provided as static members of this class.shares - The array of shares for recovery. Share[0] is assumed to be correct.
ShareException - Indication of an error with the argument to verifyShare.
RecoverException - Indication of an error with the inputs.
ShareUtilException - Indication of an error in recovering the secret.
public static java.math.BigInteger[] generateValues(java.security.SecureRandom sr,
int numBits)
Random generates the values: p, q, g and h.
The values are returned in an array:
return[0] = p;return[1] = q;return[2] = g;return[3] = h;The method was updated in version .4 to deal with the fact that the BigInteger class doesn't create BigIntegers of a certain length, just a random number between 2numBits to 1.
sr - The source of randomness for the values.numBits - The number of bits for the values.
BigInteger Array.
public static java.math.BigInteger calculatePublicVersion(java.math.BigInteger secretShare,
java.math.BigInteger secretCommitment,
java.math.BigInteger p,
java.math.BigInteger g,
java.math.BigInteger h)
throws ShareUtilException
This function calculates the public version of a Share.
secretShare - A BigInteger with the value of the share's secret share.secretCommitment - A BigInteger with the value of the share's secret commitment share.p - A BigInteger with the same value as the prime modulus p used by the share.g - A BigInteger with the same value as the group member g used by the share.h - A BigInteger with the same value as the group member h use by the share.
BigInteger corresponding to the public version of the share values.
ShareUtilException - Indicates error during the calculation of the public share; including parameter errors.
public static java.math.BigInteger evaluatePoly(java.math.BigInteger[] poly,
java.math.BigInteger q,
int x)
throws ShareUtilException,
java.lang.ArithmeticException
This function is crucial to the splitting function. It provides a simple way to evaluate the polynomial at each separate shareNumber.
poly - An array of BigIntegers cooresponding to the coefficients of a k-1 degree polynomial.q - The prime modulus q used in the splitting exercise.x - The evaluation parameter for the polynomial.
BigInteger equal to poly(x) mod q
ShareUtilException - An error with the parameters has occurred.
java.lang.ArithmeticException - There has been an arithmetic error in the evaluation of the polynomial.
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||