Command Line Interface¶
A single command line utility
pvss is provided to serve as an example on how to use the API.
Generic usage is
pvss <datadir> <command> [ARGS...] where
datadir is some directory
which contains all public messages from the PVSS workflow.
Help for the available commands is included in the tool:
The following sequence of shell commands is executed by six different users who
share a data directory. E.g. use git to synchronize it between the users. All
datadir are public. All files outside of it are private.
(init) $ pvss datadir genparams rst255 (alice) $ pvss datadir genuser Alice alice.key (boris) $ pvss datadir genuser Boris boris.key (chris) $ pvss datadir genuser Chris chris.key (dealer) $ pvss datadir splitsecret 2 secret0.der (receiver) $ pvss datadir genreceiver recv.key (boris) $ pvss datadir reencrypt boris.key (alice) $ pvss datadir reencrypt alice.key (receiver) $ pvss datadir reconstruct recv.key secret1.der
secret1.der should compare equal.
The dealer and receiver can encrypt an actual payload by using that file as a shared key.
datadir is made up of:
parameters- Cryptographic group and other parameters (
users- Directory with random file names for each user public key (
shares- Shared of the secret (
receiver- Receiver’s public key (
reencrypted- Directory with random file names for re-encrypted shares (