Implementation of the Shamir three-pass protocol encryption function in Go.
DISCLAIMER: This package has not been thoroughly tested. Feedback about potential security flaws in it is welcome.
The Shamir three-pass protocol encryption function is commutative, which means that if two or more keys are generated based on the same large prime number, encryption and decryption can be done in any order for the different keys. This means that an exchange like the following one is possible.
This is why the protocol is called the three-pass protocol: with three passes, a message can be securely sent without the need to exchange keys, provided that the parties agree on a large prime number to generate their keys.
Basic usage. Encryption with one key.

    package main

    import (
        "fmt"
        "math/big"

        "github.com/sorribas/shamir3pass"
    )

    func main() {
        message := []byte("Hello world!")
        key := shamir3pass.GenerateKey(1024) // Generate a key based on a random prime

        // Convert the message bytes into a big.Int, the type Encrypt and Decrypt work on.
        messageBigInt := &big.Int{}
        messageBigInt.SetBytes(message)

        ciphertext := shamir3pass.Encrypt(messageBigInt, key)
        decrypted := shamir3pass.Decrypt(ciphertext, key).Bytes()
        fmt.Printf("%v\n", string(decrypted)) // prints "Hello world!"
    }

Encryption with two keys.

    package main

    import (
        "fmt"
        "math/big"

        "github.com/sorribas/shamir3pass"
    )

    func main() {
        message := []byte("Hello world!")

        // Both keys must be generated from the same prime for the operations to commute.
        prime := shamir3pass.RandomNBitPrime(1024)
        key1 := shamir3pass.GenerateKeyFromPrime(prime)
        key2 := shamir3pass.GenerateKeyFromPrime(prime)

        messageBigInt := &big.Int{}
        messageBigInt.SetBytes(message)

        ciphertext1 := shamir3pass.Encrypt(messageBigInt, key1) // encrypted with key1
        ciphertext2 := shamir3pass.Encrypt(ciphertext1, key2)   // encrypted with key1 and key2
        ciphertext3 := shamir3pass.Decrypt(ciphertext2, key1)   // key1 removed, still encrypted with key2
        decrypted := shamir3pass.Decrypt(ciphertext3, key2).Bytes()
        fmt.Printf("%v\n", string(decrypted)) // prints "Hello world!"
    }

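The two-key example above corresponds to a two-party exchange in which each side keeps its own key and only three values cross the wire. The following is an added example, not this package's code: it uses only the Go standard library, and the names `Key`, `NewKey`, `Lock`, `Unlock` and `ThreePass` are hypothetical. It also rejects a message that is not smaller than the shared prime, since such a message cannot be recovered after reduction modulo the prime.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"math/big"
)

// Key is a hypothetical type for this example: E*D ≡ 1 (mod P-1).
type Key struct{ P, E, D *big.Int }

// NewKey draws a random E > 1 that is invertible mod P-1 (ModInverse returns nil otherwise).
func NewKey(p *big.Int) Key {
	phi := new(big.Int).Sub(p, big.NewInt(1))
	for {
		e, err := rand.Int(rand.Reader, phi)
		if err != nil {
			panic(err) // no usable entropy source
		}
		if d := new(big.Int).ModInverse(e, phi); d != nil && e.Cmp(big.NewInt(1)) > 0 {
			return Key{p, e, d}
		}
	}
}

// Lock and Unlock are modular exponentiations with E and D; they commute across keys.
func (k Key) Lock(m *big.Int) *big.Int   { return new(big.Int).Exp(m, k.E, k.P) }
func (k Key) Unlock(c *big.Int) *big.Int { return new(big.Int).Exp(c, k.D, k.P) }

// ThreePass returns the three values seen on the wire and the bytes Bob recovers.
func ThreePass(msg []byte, alice, bob Key) (wire [3]*big.Int, got []byte, err error) {
	m := new(big.Int).SetBytes(msg)
	if alice.P.Cmp(bob.P) != 0 || m.Sign() <= 0 || m.Cmp(alice.P) >= 0 {
		return wire, nil, fmt.Errorf("need a shared prime p and 0 < m < p")
	}
	wire[0] = alice.Lock(m)         // pass 1, Alice -> Bob: m^eA
	wire[1] = bob.Lock(wire[0])     // pass 2, Bob -> Alice: m^(eA*eB)
	wire[2] = alice.Unlock(wire[1]) // pass 3, Alice -> Bob: m^eB
	return wire, bob.Unlock(wire[2]).Bytes(), nil
}

func main() {
	p, err := rand.Prime(rand.Reader, 1024) // public prime both sides agree on
	if err != nil {
		panic(err)
	}
	_, got, err := ThreePass([]byte("Hello world!"), NewKey(p), NewKey(p))
	fmt.Println(string(got), err)
}
```

Neither exponent pair leaves its owner: Alice only ever applies her own `E` and `D`, and Bob only his.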
MIT