| Copyright | Peter Robinson 2014 |
|---|---|
| License | LGPL |
| Maintainer | Peter Robinson <peter.robinson@monoid.at> |
| Stability | experimental |
| Portability | portable |
| Safe Haskell | None |
| Language | Haskell98 |
Crypto.IDA
Description
This module provides an (m,n)-information dispersal scheme that provides data redundancy while preserving secrecy. In other words, this module combines the best of 2 worlds: secret sharing algorithms with low-overhead information dispersal.
Function encode splits a given bytestring into n fragments with the
following properties:
- Any m of the n fragments are sufficient for reconstructing the original bytestring via decode, and
- the knowledge of up to m-1 fragments does not leak any information about the original bytestring.
In more detail, suppose that we have some bytestring b that we want to
(securely) disperse and parameters m and n.
Running encode m n b does the following:
- Generate a randomly chosen key of 32 bytes, called key.
- Encrypt the bytestring b using key via AES.
- Generate n shares using the perfect secret sharing algorithm implemented in module Crypto.SecretSharing; see package secret-sharing (http://hackage.haskell.org/package/secret-sharing).
- Generate n fragments of the encrypted data using the information dispersal algorithm in Data.IDA.
- Finally, we pair up these shares and fragments as a list of EncryptedFragments.
The size of each encrypted fragment is O(|b|/m + |key|).
For sufficiently large bytestrings, the O(|b|/m) factor dominates and thus
the scheme is space-optimal.
The secret sharing algorithm guarantees that the knowledge of up to m-1 of
the fragments does not leak any information about the encryption key (and
hence the encrypted data).
- data EncryptedFragment
- encode :: Int -> Int -> ByteString -> IO [EncryptedFragment]
- encodeWithIV :: Int -> Int -> ByteString -> ByteString -> IO [EncryptedFragment]
- decode :: [EncryptedFragment] -> ByteString
Documentation
data EncryptedFragment
Arguments
| :: Int | m: number of fragments required for reconstruction |
| -> Int | n: total number of fragments ( |
| -> ByteString | the information that we want to disperse |
| -> IO [EncryptedFragment] | a list of n encrypted fragments. |
Space efficient and secrecy-preserving (m,n)-information dispersal:
Generates n fragments out
of a given bytestring b. Each fragment has size length b / m + O(1).
At least m fragments are required for reconstruction.
Preserves secrecy: The knowledge of fewer than m
fragments provides no information about the original data whatsoever.
Arguments
| :: Int | m: number of fragments required for reconstruction |
| -> Int | n: total number of fragments ( |
| -> ByteString | the initialization vector for the AES encryption |
| -> ByteString | the information that we want to disperse |
| -> IO [EncryptedFragment] | a list of n encrypted fragments. |
Same as encode but uses an initialization vector for the AES encryption.
decode :: [EncryptedFragment] -> ByteString
Reconstruct the original data from (at least) m fragments.
Throws an AssertionFailed exception if an insufficient number of fragments is
given or if a decoding error occurs.
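The following round trip is an added example, not part of the package documentation. It disperses a constructed payload with m = 3 and n = 5, reconstructs it from a subset of exactly m fragments, and shows how the AssertionFailed from the pure decode has to be caught by forcing the result inside IO. It assumes the ByteString in the signatures above is the lazy variant (Data.ByteString.Lazy); swap the import if the installed version uses strict bytestrings.

```haskell
module Main (main) where

import Control.Exception (AssertionFailed, evaluate, try)
import Data.Int (Int64)
-- Assumption: Crypto.IDA works on lazy ByteStrings.
import qualified Data.ByteString.Lazy.Char8 as LBC
import Crypto.IDA (decode, encode)

main :: IO ()
main = do
  let m = 3                       -- fragments required for reconstruction
      n = 5                       -- total fragments produced
      secret = LBC.pack "constructed sample payload for dispersal"

  -- encode runs in IO because it draws a fresh random AES key each call.
  frags <- encode m n secret
  putStrLn $ "fragments produced: " ++ show (length frags)

  -- Any m of the n fragments suffice; use the last three to show that
  -- reconstruction does not depend on which ones survive.
  let recovered = decode (drop (n - m) frags)
  putStrLn $ "round trip from m fragments ok: " ++ show (recovered == secret)

  -- decode is pure, so the documented AssertionFailed only surfaces when
  -- the result is forced. Force it inside IO (here via its length) so that
  -- the exception can be caught instead of escaping from lazy code later.
  r <- try (evaluate (LBC.length (decode (take (m - 1) frags))))
         :: IO (Either AssertionFailed Int64)
  case r of
    Left e    -> putStrLn $ "m-1 fragments rejected: " ++ show e
    Right len -> putStrLn $ "unexpected: decoded " ++ show len ++ " bytes"
```

Because decode signals both missing fragments and decoding errors through the same exception, callers that store fragments on untrusted media should wrap every decode in this try/evaluate pattern.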