Command Line Interface
A single command line utility pvss is provided to serve as an example on how to use the API.
Generic usage is pvss <datadir> <command> [ARGS...] where datadir is some directory
which contains all public messages from the PVSS workflow.
Help for the available commands is included in the tool: pvss --help
Example
The following sequence of shell commands is executed by six different users who
share a data directory. E.g. use git to synchronize it between the users. All
files inside datadir are public. All files outside of it are private.
(init) $ pvss datadir genparams rst255
(alice) $ pvss datadir genuser Alice alice.key
(boris) $ pvss datadir genuser Boris boris.key
(chris) $ pvss datadir genuser Chris chris.key
(dealer) $ pvss datadir splitsecret 2 secret0.der
(receiver) $ pvss datadir genreceiver recv.key
(boris) $ pvss datadir reencrypt boris.key
(alice) $ pvss datadir reencrypt alice.key
(receiver) $ pvss datadir reconstruct recv.key secret1.der
secret0.der and secret1.der should compare equal.
The dealer and receiver can encrypt an actual payload by using that file as a shared key.
Directory Structure
The datadir is made up of:
parameters- Cryptographic group and other parameters (SystemParameters).users- Directory with random file names for each user public key (PublicKey).shares- Shares of the secret (SharedSecret).receiver- Receiver’s public key (PublicKey).reencrypted- Directory with random file names for re-encrypted shares (ReencryptedShare).