ecc_verifiable_threshold_cryptosystem's Introduction

Verifiable (t, n) threshold signature scheme based on elliptic curve.

Minimalistic pythonic implementation of a Verifiable (t, n) threshold signature scheme based on elliptic curve .

This implementation serves as a proof of concept. DO NOT TRY TO USE THIS FOR ANY REAL USE CASE. THIS HAS NOT BEEN TESTED EXTERNALLY.

Dependencies

This is a pythonic implementation using a python ECDSA cryptographic python library. Python 3.5 is required to run this. Other versions of python haven't been tested but it might work. ECDSA library is compatible with most version of python. Be sure to have python included in yout path.

The only thing required to run this is argparse for the script that can generate, encrypt and decrypt.

$ pip install argparse

USAGE

Generate a threshold key to encrypt and decrypt messages:

    $ ./threshold.py --tshares [numShares] --nShares [numShares] --folder ./data

Generates the parameters for having a (t, n) threshold cryptosystem where t out of n can reconstruct the original private key.

This script generates a folder and saves the following:

Public parameters file to verify a secret share is valid.
Public ECC key file for anybody to encrypt a message.
Secrets file with all the n shares that can reconstruct file.
Individual files where each on contains one secret for distribution.

Reconstruct a threshold key from sub secrets:

./threshold.py --file ./data/secret.txt --t 10

Should give private key:

Reconstructed private key: 114512418293542646387878769035889844004884287243204154488848244878157937612245

Secretes.txt must be a file with all the t subshares on each line.

Encrypt using a threshold key

This is standard ECC encryption. Encrypts a message using a given public key.

./threshold.py --pkfile ./data/public.csv  --msg "Secret" --outfile ./c.txt

Decrypt using a reconstructed key

./threshold.py --decrypt 114512418293542646387878769035889844004884287243204154488848244878157937612245 --infile ./c.txt

Test

python setup.py test

Stuff used to make this:

ECDSA ECDSA cryptography python library.

License

MIT License

ecc_verifiable_threshold_cryptosystem's People

Contributors

Stargazers

Watchers

ecc_verifiable_threshold_cryptosystem's Issues

Cannot decrypt message using other than first t keys in exact order.

If you generate keys with 2 of 3 for example and encrypt the message the only way to decrypt is using first 2 keys. It doesn't work if you use 1st and 3rd key or 2nd and 3rd. Is this intended? It also doesn't work if you switch 1st and 2nd keys.

This way it works:

./threshold.py --tshares 2 --nshares 3 --folder ./data
./threshold.py --pkfile ./data/public.csv  --msg 123 --outfile ./c.txt
./threshold.py --file ./data/secret.txt --t 2
 > Reconstructed private key: 76050385198008030720774189841050237388165536102195945104435015448943504304002
./threshold.py --decrypt 76050385198008030720774189841050237388165536102195945104435015448943504304002 --infile ./c.txt
 > 123

But if you try to shuffle secret.txt or use other keys rather than 1st and 2nd in such order, then in can't decrypt messages. Are there any solutions? Thanks.

Recommend Projects

fernandolobato / ecc_verifiable_threshold_cryptosystem Goto Github PK