Split method generating duplicate shares sometimes about pyshamir HOT 7 CLOSED

Hey @nalo26,

you can find the latest release here : https://pypi.org/project/pyshamir/

Thanks & Regards,
@konidev20

from pyshamir.

@nalo26 Hi there! That's a good catch there. Thanks for raising the issue. We'll take a look at it as soon as we can and attempt on a fix for it.

from pyshamir.

Hey @nalo26,

The domain of the x_coordinates should be in the open interval [0, 256) and we need 256 unique x_coordinates, logically because of pigeon hole principle, if we try to generate numbers less than 256 in 256 unique positions, then we will always have duplicate x_coordinates.

We found that we need to generate a random shuffle of x_coordinates rather than generating unique x_coordinates. To achieve this, we have generated x_coordinates in the open interval [0,256) and always generate a random shuffle of this array using secrets.SystemRandom().shuffle(x_coordinates).

I ran the unit tests multiple times, similar to your script, and couldn't find a duplicate with the split. Please check the MR and comment if you're good with it.

Thanks,
@konidev20

from pyshamir.

Alright, that's a good fix ! Thanks @sidsbrmnn @konidev20, but i'm afraid there still is an issue :

File "pyshamir/shamir.py", line 85, in split
  output[i][len(secret)] = int(x_coordinates[i]) + 1
ValueError: byte must be in range(0, 256)

Before the fix, the x_coordinates where generated as follow : [secrets.randbelow(255) for _ in range(1, 256)]
This is generating a list of 255 values in the open interval [0, 255) (or in the closed interval [0, 254])

With the fix, this is now generating a list of 256 values in the open interval [0, 256) (or in the closed interval [0, 255])

I managed to fix this little issue by removing the +1 when generating the list in the generate_x_coordinates(n) function.
This is fixing the issue by generating back 255 values in the open interval [0, 255), as before.

Thanks for having addressed the issue that fast ! After this little fix, is it possible for you to create a new release ? It would be more convenient for me to update with pip instead of editing the sources !

from pyshamir.

Hey @nalo26, thank you for your continued help to improve this package. I have raised another MR. Please share with us your script you're testing this package with.

from pyshamir.

@konidev20 Here's the code i'm using:

import pyshamir
import random

from Crypto.PublicKey import RSA
from tqdm import tqdm

PARTS = 3
THRESHOLD = 2


def main():
    for _ in tqdm(range(1000)):
        rsa_key = RSA.generate(2048)
        base_pk = rsa_key.export_key("PEM")

        # Splitting private key
        shares = pyshamir.split(base_pk, PARTS, THRESHOLD)
        shares_hex = [share.hex() for share in shares]

        # Reforming private key
        shares_bytes = [bytes.fromhex(share) for share in shares_hex]
        shares_rdm = random.sample(shares_bytes, k=THRESHOLD)
        reformed_pk = pyshamir.combine(shares_rdm)
        assert base_pk == reformed_pk


if __name__ == "__main__":
    main()

It's a simply version of my needs: Generating a RSA secret key, splitting it with the module, exporting the shares as hexadecimals numbers to be given, before reforming all of it back.
In case you're wondering, the tqdm module and function is only used for tracking the progress of my bruteforce test.

Thanks again for the fixes!

from pyshamir.

Hey @nalo26,

we will do a release shortly by this weekend I reckon.

Thanks
@konidev20

from pyshamir.