sharing 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: a2741454d22738f53a151a7720d1dec3efe64728e32b92efe103392c7ec46c2f
+  data.tar.gz: '02118b02fe47723227a04e9203d28b248cdccc3b2ab9e747675b63f465856bf3'
+SHA512:
+  metadata.gz: e122938b94ee0077b3c90825df2afb2d3bbee50d474779876cf7ad0867f82b27f353303dfa9d6840b9aa6b15f4eb485cad154587811531add995fe5180ef3314
+  data.tar.gz: 39487860406b1583b7d16beedb2dc0bec498058524972b16167d859d34a48f8e26f5d12218164ccd163690c678c1806615f90a9beb9e1b405c0f4e8e535c6629

data/.rubocop.yml

@@ -0,0 +1,14 @@
+AllCops:
+  NewCops: enable
+  TargetRubyVersion: 2.6
+
+Style/StringLiterals:
+  Enabled: true
+  EnforcedStyle: double_quotes
+
+Style/StringLiteralsInInterpolation:
+  Enabled: true
+  EnforcedStyle: double_quotes
+
+Layout/LineLength:
+  Max: 120

data/CHANGELOG.md

@@ -0,0 +1,5 @@
+## [Unreleased]
+
+## [0.1.0] - 2022-03-10
+
+- Initial release

data/Gemfile

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+ruby ">= 2.6.0"
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in secret_sharing.gemspec
+gemspec
+
+gem "hensel_code", "~> 0.3.0"
+
+gem "prime", "~> 0.1.2"
+
+gem "rake", "~> 13.0"
+
+gem "minitest", "~> 5.0"
+
+gem "rubocop", "~> 1.21"
+
+gem "rubocop-minitest", "~> 0.17.2"
+
+gem "rubocop-rake", "~> 0.6"
+
+gem "minitest-reporters", "~> 1.5"
+
+gem "codecov", require: false, group: :test

data/Gemfile.lock

@@ -0,0 +1,79 @@
+PATH
+  remote: .
+  specs:
+    secret_sharing (0.1.0)
+      hensel_code (~> 0.3.0)
+      prime (~> 0.1.2)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ansi (1.5.0)
+    ast (2.4.2)
+    builder (3.2.4)
+    codecov (0.6.0)
+      simplecov (>= 0.15, < 0.22)
+    docile (1.4.0)
+    forwardable (1.3.2)
+    hensel_code (0.3.0)
+    minitest (5.15.0)
+    minitest-reporters (1.5.0)
+      ansi
+      builder
+      minitest (>= 5.0)
+      ruby-progressbar
+    parallel (1.21.0)
+    parser (3.1.1.0)
+      ast (~> 2.4.1)
+    prime (0.1.2)
+      forwardable
+      singleton
+    rainbow (3.1.1)
+    rake (13.0.6)
+    regexp_parser (2.2.1)
+    rexml (3.2.5)
+    rubocop (1.26.0)
+      parallel (~> 1.10)
+      parser (>= 3.1.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.16.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.16.0)
+      parser (>= 3.1.1.0)
+    rubocop-minitest (0.17.2)
+      rubocop (>= 0.90, < 2.0)
+    rubocop-rake (0.6.0)
+      rubocop (~> 1.0)
+    ruby-progressbar (1.11.0)
+    simplecov (0.21.2)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.4)
+    singleton (0.1.1)
+    unicode-display_width (2.1.0)
+
+PLATFORMS
+  x86_64-darwin-19
+
+DEPENDENCIES
+  codecov
+  hensel_code (~> 0.3.0)
+  minitest (~> 5.0)
+  minitest-reporters (~> 1.5)
+  prime (~> 0.1.2)
+  rake (~> 13.0)
+  rubocop (~> 1.21)
+  rubocop-minitest (~> 0.17.2)
+  rubocop-rake (~> 0.6)
+  secret_sharing!
+
+RUBY VERSION
+   ruby 3.1.0p0
+
+BUNDLED WITH
+   2.3.3

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2022 David William Silva
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,242 @@
+# Secret Sharing
+
+A secret sharing Ruby library.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'sharing'
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install sharing
+    
+# Supported Secret Sharing Schemes
+
+Secret Sharing currently supports two schemes:
+
+- A first version of the Shamir's secret sharing
+- The second of two modified versions of the CRT-based Asmuth-Bloom scheme proposed by Ersoy et al.
+
+# Usage
+
+## Shamir's Secret Sharing V1
+
+The Shamir's secret sharing v1 scheme is based on the work of Adi Shamir in [How to Share a Secret](https://web.mit.edu/6.857/OldStuff/Fall03/ref/Shamir-HowToShareASecret.pdf).
+
+### n-out-of-n Shamir Secret Sharing
+
+Let's consider the followin setup:
+
+```ruby
+secret1 = 22
+secret2 = 36
+scalar = 2
+params = {total_shares: 5, threshold: 5, lambda_: 16}
+sss = Sharing::Polynomial::Shamir::V1.new params
+# => #<Sharing::Polynomial::Shamir::V1:0x0000000114090618 @lambda_=16, @p=63719, @threshold=3, @total_shares=5>
+```
+
+We generate shares as follows:
+
+```ruby
+shares1 = sss.create_shares(secret1)
+# => [[1, 17038], [2, 51463], [3, 24539], [4, 33770], [5, 34327]]
+shares2 = sss.create_shares(secret2)
+# => [[1, 26584], [2, 37554], [3, 53948], [4, 45589], [5, 58559]]
+scalar = 2
+```
+
+We reconstruct the secrets as follows:
+
+```ruby
+reconstructed_secret1 = sss.reconstruct_secret(shares1)
+# => (22/1)
+reconstructed_secret2 = sss.reconstruct_secret(shares2)
+# => (36/1)
+```
+
+We can compute linear functions without requiring communication between the share holders: 
+
+```ruby
+shares1_add_shares2 = Sharing::Polynomial::Shamir::V1.add(shares1, shares2, sss.p)
+# => [[1, 43622], [2, 25298], [3, 14768], [4, 15640], [5, 29167]]
+shares2_sub_shares1 = Sharing::Polynomial::Shamir::V1.sub(shares2, shares1, sss.p)
+# => [[1, 9546], [2, 49810], [3, 29409], [4, 11819], [5, 24232]]
+shares1_smul_scalar = Sharing::Polynomial::Shamir::V1.smul(shares1, scalar, sss.p)
+# => [[1, 34076], [2, 39207], [3, 49078], [4, 3821], [5, 4935]]
+shares1_sdiv_scalar = Sharing::Polynomial::Shamir::V1.sdiv(shares1, scalar, sss.p)
+# => [[1, 8519], [2, 57591], [3, 44129], [4, 16885], [5, 49023]]
+```
+
+and we can check that:
+
+```ruby
+sss.reconstruct_secret(shares1_add_shares2)
+# => (58/1)
+sss.reconstruct_secret(shares2_sub_shares1)
+# => (14/1)
+sss.reconstruct_secret(shares1_smul_scalar)
+# => (44/1)
+sss.reconstruct_secret(shares1_sdiv_scalar)
+# => (11/1)
+```
+
+### Using Hensel Codes
+
+The gem Secret Sharing takes advantage of the gem [Hensel Codes](https://github.com/davidwilliam/hensel_code) for homomorphically encoding rational numbers as integers in order to compute over the integers and yet obtain results over the rationals.
+
+As most (if not all) of secret sharing schemes over finite fields `F_p` for `p > 2`, the secret inputs are naturally required to be positive integers in `F_p`. In this way, if we compute subtraction and we end up with a result that is negative, the reconstruction will fail (provided we don't have any econding in place). Same will occur if we compute a scalar division involving a scalar that is not a divisor of the corresponding secret. For addressing this and many other arithmetic problems, we can use Hensel codes to allow secret inputs to be positive and negative rational numbers.
+
+```ruby
+rational_secret1 = Rational(2,3)
+# => 2/3
+rational_secret2 = Rational(-5,7)
+# => -5/7
+scalar = 5
+# => 5
+params = {total_shares: 5, threshold: 5, lambda_: 32}
+# => {:total_shares=>5, :threshold=>5, :lambda_=>32}
+sss = Sharing::Polynomial::Shamir::V1.new params
+# => #<Sharing::Polynomial::Shamir::V1:0x0000000103065cd0 @lambda_=32, @total_shares=5, @threshold=5, @p=4151995223>
+```
+
+We compute the Hensel codes for the secrets:
+
+```ruby
+secret1 = HenselCode::TruncatedFinitePadicExpansion.new(sss.p, 1, rational_secret1).hensel_code
+# => 2767996816
+secret2 = HenselCode::TruncatedFinitePadicExpansion.new(sss.p, 1, rational_secret2).hensel_code
+# => 593142174
+```
+
+Then, we create the shares:
+
+```ruby
+shares1 = sss.create_shares(secret1)
+# => [[1, 1788895381], [2, 1795799163], [3, 3852643947], [4, 58410522], [5, 2611091242]]
+shares2 = sss.create_shares(secret2)
+# => [[1, 2523224758], [2, 2966680092], [3, 3722500411], [4, 3217222534], [5, 656923087]]
+```
+
+Now we can compute all the available linear computations as before:
+
+```ruby
+shares1_add_shares2 = Sharing::Polynomial::Shamir::V1.add(shares1, shares2, sss.p)
+# => [[1, 160124916], [2, 610484032], [3, 3423149135], [4, 3275633056], [5, 3268014329]]
+shares1_sub_shares2 = Sharing::Polynomial::Shamir::V1.sub(shares1, shares2, sss.p)
+# => [[1, 3417665846], [2, 2981114294], [3, 130143536], [4, 993183211], [5, 1954168155]]
+shares1_smul_scalar = Sharing::Polynomial::Shamir::V1.smul(shares1, scalar, sss.p)
+# => [[1, 640486459], [2, 675005369], [3, 2655238843], [4, 292052610], [5, 599470541]]
+shares1_sdiv_scalar = Sharing::Polynomial::Shamir::V1.sdiv(shares1, scalar, sss.p)
+# => [[1, 2848976210], [2, 3680756011], [3, 1600927834], [4, 842081149], [5, 1352617293]]
+```
+
+We reconstruct the secrets:
+
+```ruby
+reconstruct_secret1_add_secret2 = sss.reconstruct_secret(shares1_add_shares2)
+# => 3361138990/1
+reconstruct_secret1_sub_secret2 = sss.reconstruct_secret(shares1_sub_shares2)
+# => 2174854642/1
+reconstruct_shares1_smul_scalar = sss.reconstruct_secret(shares1_smul_scalar)
+# => 1383998411/1
+reconstruct_shares1_sdiv_scalar = sss.reconstruct_secret(shares1_sdiv_scalar)
+# => 3044796497/1
+```
+
+and we can check that:
+
+```ruby
+HenselCode::TruncatedFinitePadicExpansion.new(sss.p, 1, reconstructed_secret1_add_secret2).to_r
+# => -1/21
+HenselCode::TruncatedFinitePadicExpansion.new(sss.p, 1, reconstructed_secret1_sub_secret2).to_r
+# => 29/21
+HenselCode::TruncatedFinitePadicExpansion.new(sss.p, 1, reconstructed_shares1_smul_scalar).to_r
+# => 10/3
+HenselCode::TruncatedFinitePadicExpansion.new(sss.p, 1, reconstructed_shares1_sdiv_scalar).to_r
+# => 2/15
+```
+
+## Asmuth-Bloom V2
+
+The Asmuth-Bloom V2 was proposed by Ersoy et al. in in [Homomorphic extensions of CRT-based secret sharing](https://www.sciencedirect.com/science/article/pii/S0166218X20303012)). The reference is a CRT-based secret sharing scheme introduced by Asmuth-Bloom in [A modular approach to key safeguarding](https://ieeexplore.ieee.org/abstract/document/1056651).
+
+We have currently the class `Sharing::CRT::AsmuthBloom::V2`. To initialize it, we need to pass the following parameters:
+
+- `lambda_`: the bit length of the secret prime moduli.
+- `threshold`: the recovery threshold in which it is guaranteed to recover the secret for all possible values.
+- `secrecy`: the secrecy threshold in which it is guaranteed that no information is revealed about the secret.
+- `total_shares`: the total number of shares we want to create for any given secret.
+- `k_add`: the provisioned number of additions we want to compute over shares.
+- `k_add`: the provisioned number of multiplicaitons we want to compute over shares.
+
+```ruby
+params = { lambda_: 64, threshold: 10, secrecy: 3, total_shares: 13, k_add: 5000, k_mul: 2 }
+crtss = Sharing::CRTAsmuthBloomV2.new params
+secret1 = 5
+secret2 = 8
+secret3 = 9
+shares1 = crtss.compute_shares(secret1)
+# => [[0, 4185685952388161215], [1, 7431082072249155627], [2, 3172867207673420707], [3, 14094855932661978905], [4, 8449128283552032507], [5, 7274923078167548868], [6, 3443672123003372167], [7, 3449028625755130838], [8, 5794221801968596287], [9, 3328886357835317095], [10, 7488573194762652917], [11, 8211719263601562780], [12, 12709118192143848454]]
+shares2 = crtss.compute_shares(secret2)
+# => [[0, 2233143134937563130], [1, 10799196764783177850], [2, 3895399176949806798], [3, 1198864688298180029], [4, 10749884548017217271], [5, 8208674321670086887], [6, 2822739185939232463], [7, 6792525158886356123], [8, 11182441441011760155], [9, 5065252015479538675], [10, 14231070486785344674], [11, 12955329422395114581], [12, 13444354079541844356]]
+shares3 = crtss.compute_shares(secret3)
+# => [[0, 8784211624348791413], [1, 3173871378881529520], [2, 13248531955944997083], [3, 1782634630778360250], [4, 13054421101338573568], [5, 12464404777826322232], [6, 10309434923908541341], [7, 11837628883332260554], [8, 7022273320911219172], [9, 2554741791512322214], [10, 11331979459726025879], [11, 5610455238685743922], [12, 3003841353993251584]]
+```
+
+With the shares created, we can compute basic arithmetic:
+
+```ruby
+shares1_add_shares2 = Sharing::CRTAsmuthBloomV2.add(shares1, shares2)
+# => [[0, 6418829087325724345], [1, 18230278837032333477], [2, 7068266384623227505], [3, 15293720620960158934], [4, 19199012831569249778], [5, 15483597399837635755], [6, 6266411308942604630], [7, 10241553784641486961], [8, 16976663242980356442], [9, 8394138373314855770], [10, 21719643681547997591], [11, 21167048685996677361], [12, 26153472271685692810]]
+shares1_mul_shares2 = Sharing::CRTAsmuthBloomV2.mul(shares1, shares2)
+# => [[0, 9347235849580217942880423213680002950], [1, 80249717473471354529348429396269261950], [2, 12359584309342074742148630183422566186], [3, 16897825064318556900157377557090288245], [4, 90827153579571227732364682022273828397], [5, 59717474263879064686877969113378493916], [6, 9720588245128167152782160092717057321], [7, 23427613714160960605536958120927421074], [8, 64793545996747467446843059564467544485], [9, 16861648333327680706874620252941149125], [10, 106570412980118630776546521824476514058], [11, 106385528184186069985041673188764895180], [12, 170865885013928618679442811690919225624]]
+shares1_add_shares2_add_shares1_mul_shares2 = Sharing::CRTAsmuthBloomV2.add(shares1_add_shares2, shares1_mul_shares2)
+# => [[0, 9347235849580217949299252301005727295], [1, 80249717473471354547578708233301595427], [2, 12359584309342074749216896568045793691], [3, 16897825064318556915451098178050447179], [4, 90827153579571227751563694853843078175], [5, 59717474263879064702361566513216129671], [6, 9720588245128167159048571401659661951], [7, 23427613714160960615778511905568908035], [8, 64793545996747467463819722807447900927], [9, 16861648333327680715268758626256004895], [10, 106570412980118630798266165506024511649], [11, 106385528184186070006208721874761572541], [12, 170865885013928618705596283962604918434]]
+```
+
+In order to recover the associated secrets with the shares we just generated via basic arithmetic computations, we select a number of shares for reconstruction (in any random order). It could be the total number of shares or a smaller number. We will choose the exact number of the recovery threshold:
+
+```ruby
+selected_shares1_add_shares2 = shares1_add_shares2.sample(params[:threshold])
+# => [[10, 21719643681547997591], [0, 6418829087325724345], [9, 8394138373314855770], [6, 6266411308942604630], [1, 18230278837032333477], [7, 10241553784641486961], [11, 21167048685996677361], [5, 15483597399837635755], [8, 16976663242980356442], [12, 26153472271685692810]]
+selected_shares1_mul_shares2 = shares1_mul_shares2.sample(params[:threshold])
+# => [[5, 59717474263879064686877969113378493916], [1, 80249717473471354529348429396269261950], [12, 170865885013928618679442811690919225624], [7, 23427613714160960605536958120927421074], [6, 9720588245128167152782160092717057321], [0, 9347235849580217942880423213680002950], [3, 16897825064318556900157377557090288245], [9, 16861648333327680706874620252941149125], [2, 12359584309342074742148630183422566186], [4, 90827153579571227732364682022273828397]]
+selected_shares1_add_shares2_add_shares1_mul_shares2 = shares1_add_shares2_add_shares1_mul_shares2.sample(params[:threshold])
+# => [[11, 106385528184186070006208721874761572541], [6, 9720588245128167159048571401659661951], [2, 12359584309342074749216896568045793691], [4, 90827153579571227751563694853843078175], [12, 170865885013928618705596283962604918434], [7, 23427613714160960615778511905568908035], [9, 16861648333327680715268758626256004895], [5, 59717474263879064702361566513216129671], [10, 106570412980118630798266165506024511649], [0, 9347235849580217949299252301005727295]]
+```
+
+Finally, we reconstruct the secrets:
+
+```ruby
+crtss.reconstruct_secret(selected_shares1_add_shares2)
+# => 13 
+crtss.reconstruct_secret(selected_shares1_mul_shares2)
+# => 40
+crtss.reconstruct_secret(selected_shares1_add_shares2_add_shares1_mul_shares2)
+# => 53
+```
+
+and we can check that 5 + 8 = 13, 5 * 8 = 40, and 13 + 40 = 53.
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/davidwilliam/sharing.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/test_*.rb"]
+end
+
+require "rubocop/rake_task"
+
+RuboCop::RakeTask.new
+
+task default: %i[test rubocop]

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "secret_sharing"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/sharing/crt/asmuth-bloom/v2.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+# module secret sharing
+module Sharing
+  # crt-based secret sharing schemes
+  module CRT
+    # crt-based secret sharing scheme proposed by Asmuth-Bloom
+    module AsmuthBloom
+      # second version of Asmuth-Bloom proposed by Ersoy et al.
+      class V2
+        include HenselCode::Tools
+
+        attr_accessor :threshold, :secrecy, :total_shares, :primes,
+                      :p, :m_r, :m_to_s, :k_add, :k_mul, :lambda_,
+                      :a, :y,
+                      :upperbound
+
+        def self.add(shares1, shares2)
+          shares1.zip(shares2).map { |s| [s[0][0], s[0][1] + s[1][1]] }
+        end
+
+        def self.mul(shares1, shares2)
+          shares1.zip(shares2).map { |s| [s[0][0], s[0][1] * s[1][1]] }
+        end
+
+        def initialize(params = {})
+          @threshold = params[:threshold]
+          @secrecy = params[:secrecy]
+          @total_shares = params[:total_shares]
+          @k_add = params[:k_add]
+          @k_mul = params[:k_mul]
+          @lambda_ = params[:lambda_]
+          generate_unique_primes
+          compute_prime_products
+          generate_single_prime
+        end
+
+        def compute_upperbound(secret)
+          @upperbound = ((p * m_to_s) - secret) / p
+        end
+
+        def compute_shares(secret)
+          compute_upperbound(secret)
+          @a = rand(1..upperbound - 1)
+          @y = secret + (a * p)
+          primes.map.with_index { |prime, i| [i, y % prime] }
+        end
+
+        def reconstruct_secret(selected_shares)
+          indices = selected_shares.map(&:first)
+          moduli = primes.values_at(*indices)
+          shares = selected_shares.map(&:last)
+          y = crt(moduli, shares)
+          y % p
+        end
+
+        def generate_primes
+          @primes = random_distinct_numbers("prime", total_shares, lambda_)
+          @primes.sort!
+        end
+
+        def compute_prime_products
+          @m_r = primes[0..threshold - 1].inject(:*)
+          @m_to_s = 1
+          (0..secrecy - 1).each do |i|
+            @m_to_s *= primes[total_shares - (i + 2) + 1]
+          end
+        end
+
+        def generate_single_prime
+          bits = lambda_
+          @p = random_prime(lambda_)
+          while m_r <= (k_add + 1) * ((@p * m_to_s)**(k_mul + 1))
+            bits -= 1
+            @p = random_prime(bits)
+          end
+        end
+
+        def generate_unique_primes
+          @primes = [random_prime(lambda_)]
+          while primes.uniq.size < total_shares
+            prime = random_prime(lambda_)
+            @primes << prime unless @primes.include?(prime) && (@primes + [prime]).reduce(1, :gcd) != 1
+          end
+          @primes = @primes.uniq.sort
+        end
+      end
+    end
+  end
+end

data/lib/sharing/polynomial/shamir/v1.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module Sharing
+  module Polynomial
+    module Shamir
+      # first supported version of Shamir secret sharing scheme
+      class V1
+        include HenselCode::Tools
+        extend HenselCode::Tools
+        include Tools
+        extend Tools
+
+        attr_accessor :lambda_, :p, :total_shares, :threshold
+
+        def self.add(shares1, shares2, prime)
+          shares1.zip(shares2).map { |s| [s[0][0], (s[0][1] + s[1][1]) % prime] }
+        end
+
+        def self.sub(shares1, shares2, prime)
+          shares1.zip(shares2).map { |s| [s[0][0], (s[0][1] - s[1][1]) % prime] }
+        end
+
+        def self.smul(shares, scalar, prime)
+          shares.map { |s| [s[0], (s[1] * scalar) % prime] }
+        end
+
+        def self.sdiv(shares, scalar, prime)
+          shares.map { |s| [s[0], (s[1] * mod_inverse(scalar, prime)) % prime] }
+        end
+
+        def self.generate_random_coefficients(total_shares, lambda_)
+          random_distinct_numbers("integer", total_shares - 1, lambda_ - 1)
+        end
+
+        def self.create_shares(secret, total_shares, lambda_, prime)
+          random_coefficients = generate_random_coefficients(total_shares, lambda_)
+          (1..total_shares).map.with_index { |x, i| [i + 1, f(x, secret, random_coefficients) % prime] }
+        end
+
+        def initialize(params = {})
+          @lambda_ = params[:lambda_]
+          @total_shares = params[:total_shares]
+          @threshold = params[:threshold]
+          generate_prime
+        end
+
+        def create_shares(secret)
+          random_coefficients = generate_random_coefficients
+          (1..total_shares).map.with_index { |x, i| [i + 1, f(x, secret, random_coefficients) % p] }
+        end
+
+        def reconstruct_secret(points)
+          xs = points.map(&:first)
+          ys = points.map(&:last)
+          l0s = lagrange_basis_polynomial(xs)
+          l0s.zip(ys).map { |l, y| l * y }.sum % p
+        end
+
+        private
+
+        def generate_prime
+          @p = random_prime(lambda_)
+        end
+
+        def generate_random_coefficients
+          random_distinct_numbers("integer", total_shares - 1, lambda_ - 1)
+        end
+      end
+    end
+  end
+end

data/lib/sharing/polynomial/tools.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Sharing
+  module Polynomial
+    # helper tool for computations with polynomials
+    module Tools
+      def lagrange_basis_polynomial_inner_loop(index, xs_)
+        product = 1
+        (0..xs_.size - 1).reject { |l| l == index }.each do |j|
+          product *= Rational(-xs_[j], xs_[index] - xs_[j])
+        end
+        product
+      end
+
+      def lagrange_basis_polynomial(xs_)
+        (0..xs_.size - 1).map { |i| lagrange_basis_polynomial_inner_loop(i, xs_) }
+      end
+
+      def f(poly_var, secret, random_coefficients)
+        secret + random_coefficients.each_with_index.inject(0) { |sum, (c, i)| sum + (c * (poly_var**(i + 1))) }
+      end
+    end
+  end
+end

data/lib/sharing/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Sharing
+  VERSION = "0.1.0"
+end

data/lib/sharing.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require "prime"
+require_relative "sharing/version"
+require "hensel_code"
+
+# module secret sharing
+module Sharing
+  class Error < StandardError; end
+
+  # autoload :CRTAsmuthBloomV2, "sharing/crt_asmuth_bloom_v2"
+
+  # module for polynomial-based features
+  module Polynomial
+    autoload :Tools, "sharing/polynomial/tools"
+    module Shamir
+      autoload :V1, "sharing/polynomial/shamir/v1"
+    end
+  end
+
+  module CRT
+    module AsmuthBloom
+      autoload :V2, "sharing/crt/asmuth-bloom/v2"
+    end
+  end
+end

data/sharing.gemspec

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require_relative "lib/sharing/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "sharing"
+  spec.version = Sharing::VERSION
+  spec.authors = ["David William Silva"]
+  spec.email = ["contact@davidwsilva.com"]
+
+  spec.summary = "Secret sharing with Ruby."
+  spec.description = "Secret sharing with Ruby."
+  spec.homepage = "https://github.com/davidwilliam/sharing"
+  spec.license = "MIT"
+  spec.required_ruby_version = ">= 2.6.0"
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = "https://github.com/davidwilliam/sharing"
+  spec.metadata["changelog_uri"] = "https://github.com/davidwilliam/sharing/blob/main/CHANGELOG.md"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
+    end
+  end
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  # Uncomment to register a new dependency of your gem
+  spec.add_dependency "hensel_code", "~> 0.3.0"
+  spec.add_dependency "prime", "~> 0.1.2"
+
+  # For more information and examples about making a new gem, check out our
+  # guide at: https://bundler.io/guides/creating_gem.html
+  spec.metadata["rubygems_mfa_required"] = "true"
+end

data/sig/secret_sharing.rbs

@@ -0,0 +1,4 @@
+module SecretSharing
+  VERSION: String
+  # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+end

metadata

@@ -0,0 +1,91 @@
+--- !ruby/object:Gem::Specification
+name: sharing
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- David William Silva
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2022-03-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: hensel_code
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+- !ruby/object:Gem::Dependency
+  name: prime
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.2
+description: Secret sharing with Ruby.
+email:
+- contact@davidwsilva.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rubocop.yml"
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/sharing.rb
+- lib/sharing/crt/asmuth-bloom/v2.rb
+- lib/sharing/polynomial/shamir/v1.rb
+- lib/sharing/polynomial/tools.rb
+- lib/sharing/version.rb
+- sharing.gemspec
+- sig/secret_sharing.rbs
+homepage: https://github.com/davidwilliam/sharing
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/davidwilliam/sharing
+  source_code_uri: https://github.com/davidwilliam/sharing
+  changelog_uri: https://github.com/davidwilliam/sharing/blob/main/CHANGELOG.md
+  rubygems_mfa_required: 'true'
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.6.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.3
+signing_key:
+specification_version: 4
+summary: Secret sharing with Ruby.
+test_files: []