tinysig module
- class tinysig.network.Node(id, shares_db=<factory>, open_db=<factory>, he_public_keys=<factory>)[source]
Bases:
objectRepresents a node in the network.
Database for holding shares.
Retrieve a share from the ‘shares_db’.
- Return type
Set a share in the ‘shares_db’.
- Return type
Delete a share from the ‘shares_db’.
- Return type
- class tinysig.network.Client(id, shares_db=<factory>, open_db=<factory>, he_public_keys=<factory>, he_private_key=0)[source]
Bases:
tinysig.network.NodeRepresents a client node in the network, inheriting from the ‘Node’ class.
- class tinysig.network.Network(N, q, h=2, C=1)[source]
Bases:
objectRepresents a network of nodes and clients.
Manages the interactions and cryptographic operations within the network, including sharing secrets, broadcasting values, and reconstructing shared values.
- nodes: List[tinysig.network.Node]
List of nodes in the network.
- clients: List[tinysig.network.Client]
List of clients in the network.
- print()[source]
Print a readable representation of the network, including nodes and clients with their databases.
- reconstruct_local(type_share, get_label, save_label, party)[source]
Locally reconstruct exponent share (‘exp’) or base (‘base’) shared value.
- Return type
- send(type_share, label, party, delete=False)[source]
Send exponent (‘exp’) or base (‘base’) share to party.
- Return type
Share secret value with all
- Return type
- tinysig.setup.get_generator(q)[source]
Get the generator (primitive root) for a given prime number q.
- Parameters
q (int) – A prime number for which the generator is needed.
- Returns
The generator (primitive root) for the given prime number.
- Return type
Example
>>> get_generator(23) 5
- class tinysig.setup.DSASetup(p, q, g, h)[source]
Bases:
objectDataclass representing a DSA (Digital Signature Algorithm) setup.
Example
setup = DSASetup.generate_dsa_setup()
- class tinysig.setup.ECDSASetup(curve, p=None, q=None, G=None, h=None)[source]
Bases:
objectDataclass representing an ECDSA (Elliptic Curve Digital Signature Algorithm) setup.
Example
setup = ECDSASetup.generate_ecdsa_setup()
- G: Optional[Crypto.PublicKey.ECC.EccPoint] = None
A base point on the elliptic curve.
- generate_ecdsa_setup()[source]
Generate an ECDSA setup for the specified elliptic curve.
- Returns
An instance of ECDSASetup with generated parameters.
- Return type
- Raises
ValueError – If the specified curve is not supported.
Example
>>> setup = ECDSASetup(curve='P-256').generate_ecdsa_setup()
- class tinysig.tecdsa.ThresholdSignature(N, C, setup=None, debug=False)[source]
Bases:
tinysig.network.Network- clients: List[tinysig.network.Client]
List of clients in the network.
- get_lambda(labels)[source]
Emulates the generation of LAMBDA pairs \(([h^{\gamma}], [\gamma])\) between all nodes.
- rss_protocol(size, label)[source]
Random Secret Sharing (RSS) Protocol.
This function implements a one-round RSS protocol. The goal is to share a random secret value among a group of nodes using a specific label for the shares.
Compute a power-sharing protocol among a group of nodes.
This function implements a one-round protocol to securely compute \(b^{s}\) where the exponent is a secret shared element between the nodes.
- Parameters
base_type (str) – The type of base used: ‘exp’, when base to be used is self.h; ‘base’, when the base to be used is self.dsa.g. Note: ‘base’ option can only be use for the DSA setup.
get_label (str) – The label to retrieve shares of ‘s’ from nodes.
save_label (str) – The label to save the final result to.
- Return type
- Returns
None
Execute an elliptic curve (EC) version of power-sharing protocol.
This function implements a one-round protocol to securely compute \(scalar\cdot G\) where the scalar is a secret shared element between the nodes.
- Parameters
Returns: None
- Return type
Subtract the shares of the exponent of two labels and store the result in another label.
- pow_local(label_base, label_exponent, label_result)[source]
Compute the power of a base saved in open database raised to an exponent and store the result.
- key_agreement_protocol(label, delete=True)[source]
Perform a key agreement protocol to derive a mask of the secret key and the corresponding public key.
- ec_mult_local(label_ec_point, label_scalar, label_result)[source]
Compute the multiplication of a scalar value with an elliptic point curve and store the result.
- encrypt_and_delete_exp_sh_local(label, client_id)[source]
Encrypt the share of the exponent element of the LAMBDA pair and delete the original LAMBDA pair.
- distributed_key_generation_protocol(client_id, label=None)[source]
Execute a distributed key generation protocol for a specific client.
- step_4_encrypt_elements(label_lambda_1, label_lambda_2, labdel_lambda_k_inv, save_label_m, save_label_gap, save_label_lambda_1, save_label_lambda_2, client_id)[source]
Step 4 of the Threshold Signing protocol.
- Parameters
label (str) – The label of the masked factor to be inverted.
label_lambda_1 (str) – The label of lambda 1.
label_lambda_2 (str) – The label of lambda 2.
labdel_lambda_k_inv (str) – The label of \(k^{-1}\).
save_label_m (str) – The label to save encrypted m.
save_label_gap (str) – The label to save \(\lambda_{ ext{gap}}\).
save_label_lambda_1 (str) – The label to save lambda 1.
save_label_lambda_2 (str) – The label to save lambda 2.
client_id (
int) – int
- Return type
- Returns
None
Delete a set of shares.
- Parameters
list (List) – List of shares to delete.
- Return type
- Returns
None
- decrypt_and_reconstruct_local(get_label, save_label, client)[source]
Decryption and reconstruction executed by the client.
- ts_prep_protocol(client_id)[source]
Execute the preprocessing phase of the threshold signature protocol for a specific client.
- broadcast_masked_message_digest(message, client)[source]
Broadcasts a masked message digest to the client.
- sign_local(client_id, delete=True)[source]
Sign a message locally and optionally delete intermediate shares.
- reconstruct_and_verify_sig(message, get_label, client, delete=True)[source]
Reconstructs and verifies a client’s digital signature for a given message.
- Parameters
message (str) – The input message for which the signature is to be reconstructed and verified.
get_label (str) – The label used to retrieve the client’s signature share from the database.
client (Client) – An instance of the client for which the signature is reconstructed and verified.
delete (bool, optional) – A flag indicating whether to delete intermediate shares after verification (default is True).
- Returns
This function doesn’t return a value; it verifies the signature and potentially deletes intermediate shares.
- Return type
- decrypt_reconstruct_unmask_verify_sig_local(message, get_label, client, delete=True)[source]
Reconstructs and verifies a client’s digital signature for a given message.
- Parameters
message (str) – The input message for which the signature is to be reconstructed and verified.
get_label (str) – The label of the shares to be dencrypted and reconstructed.
client (Client) – An instance of the client for which the signature is reconstructed and verified.
delete (bool, optional) – A flag indicating whether to delete intermediate shares after verification (default is True).
- Returns
This function doesn’t return a value; it verifies the signature and potentially deletes intermediate shares.
- Return type
- tinysig.utils.add(values, size)[source]
Calculate the sum of a list of integers modulo ‘size’.
- Parameters
- Returns
The sum of the integers in ‘values’ modulo ‘size’.
- Return type
Examples
>>> add([2, 4, 6], 5) 2 >>> add([3, 7, 10], 4) 0
- tinysig.utils.add_ec(points)[source]
Calculate the sum of a list of elliptic curve points.
- Parameters
points (list[EccPoint]) – A list of elliptic curve points to be summed.
- Returns
The sum of the points.
- Return type
EccPoint
Generates additive secret shares for a given secret value, using modular arithmetic.
- Parameters
- Returns
A list of additive secret shares.
- Return type
List[int]
Example
>>> random.seed(0) >>> generate_additive_shares(26, 3, 2**5) [8, 24, 26]
- tinysig.utils.multiply(values, size)[source]
Calculate the product of a list of values, taking the modulus ‘size’ at each step of multiplication.
- Parameters
- Returns
The product of the values, computed modulo ‘size’.
- Return type
Example
>>> multiply([2, 4, 6], 5) 3
- tinysig.utils.egcd(a, p)[source]
Calculate the modular multiplicative inverse of ‘a’ modulo ‘p’ using the extended Euclidean algorithm.
- tinysig.utils.verify_dsa_signature(message, r, s, y, p, q, g)[source]
Verify a Digital Signature Algorithm (DSA) signature.
- Parameters
message (str) – The message to verify the signature for.
r (int) – The ‘r’ component of the DSA signature.
s (int) – The ‘s’ component of the DSA signature.
y (int) – The public key ‘y’ associated with the signer.
p (int) – The prime modulus used in DSA.
q (int) – A prime divisor of ‘p’.
g (int) – The generator of the subgroup used in DSA.
- Returns
If the signature is valid, no exceptions are raised.
- Return type
- Raises
VerifySignatureError – If the signature verification fails due to one of the following reasons: ‘r’ or ‘s’ is greater than or equal to ‘q’; the calculated ‘v’ does not match ‘r’.
- tinysig.utils.verify_ecdsa_signature(message, r, s, Y, q, G)[source]
Verify an Elliptic Curve Digital Signature Algorithm (ECDSA) signature.
- Parameters
message (str) – The message to verify the signature for.
r (int) – The ‘r’ component of the DSA signature.
s (int) – The ‘s’ component of the DSA signature.
Y (EccPoint) – The public key ‘y’ associated with the signer.
q (int) – Order of the Elliptic Curve group.
G (EccPoint) – The generator of the Elliptic Curve group.
- Returns
If the signature is valid, no exceptions are raised.
- Return type
- Raises
VerifySignatureError – If the signature verification fails due to one of the following reasons: ‘r’ or ‘s’ is greater than or equal to ‘q’; the calculated ‘v’ does not match ‘r’.