Process hangs when trying to recover with insufficient number of shares about pyseltongue HOT 6 CLOSED

Can you show me what you're doing to get this? That is not what I see, what is returned by the library is an incorrect string; I just changed locally all my unittests to provide one less share than they need. All unittests failed very quickly. I also had the unittests print out the returned string.

test_2_of_2_sharing (__main__.ShamirSharingTest) ... ed4a24e174b8bf56b1860e5166daf9c5e170fd49c1873a5bcf5db87846e541bd
FAIL
test_2_of_3_sharing (__main__.ShamirSharingTest) ... dd9c30f2c35341bc86ce9182b47d004f2a41df2a70e9f7c5ea5eb8865059a165
FAIL
test_4_of_7_sharing (__main__.ShamirSharingTest) ... 175a67c3f9a765817149fe2b26825980ade17ae9d9d49de52a760a37f04d8cab
FAIL
test_5_of_9_sharing (__main__.ShamirSharingTest) ... 49a9d42609c4ceab9483d1091c6375acce78c2fe456830443ce5d481079189d
FAIL
test_b58_to_b32_sharing (__main__.ShamirSharingTest) ... AYsSL9nbEMvssFAprmpJTgjwNVE9eQyicRaLVtTJmfVB9XJtrRAWXJA
FAIL
test_b58_to_b58_sharing (__main__.ShamirSharingTest) ... 9QHugoFsD8jfGtPkraGR222qS9maWNqXJoNzxFghxSak8inEwq29ioM
FAIL
test_b58_to_zb32_sharing (__main__.ShamirSharingTest) ... 5ZJhhsyA394oDHwLix4huHYuo4nmCaLYpesdzY78hNZJRs6kQDB2Poz
FAIL
test_hex_to_base64_sharing (__main__.ShamirSharingTest) ... 4f68f4c822da78e7d190e9900ad52256536e49d42b4c9010a166b26f9f8de352
FAIL
test_hex_to_hex_sharing (__main__.ShamirSharingTest) ... 5072017eed78ef3556bfabe2ef8af4e9724e4e4c97b2cad65f4ed658c1aa2093
FAIL
test_printable_ascii_to_hex_sharing (__main__.ShamirSharingTest) ... 9P
{!K)R5N9}Sj-X.|1J.QQ+8A!oYx                                            )#L:E
,t
FAIL

from pyseltongue.

I was using it as a library in my code and didn't get a response for it.

from pyseltongue.

Okay, well given that you aren't showing me what you did; the library itself shows that it returns for it. And the places that this library is being used elsewhere is operating as expected. I'm going to close this issue.

If you later want to show what you did, I might be able to help figure out what is going on, but given this limited information. I can't assist.

from pyseltongue.

It is hard to show the error now as I have changed my code to handle the issue. But even if the library is returning an incorrect string instead of raising an error when insufficient shares are provided, it is not correct.

I am working on integrating my solution for this in the library. Will send a PR when I am done.

from pyseltongue.

No, returning an incorrect string is definitely correct. Telling a user the required number of strings is incorrect, given that the user should already know this.

If you're not convinced look no further than the linux tool ssss
I did a 3 5 split

ssss-split -t 3 -n 5
Generating shares using a (3,5) scheme with dynamic security level.
Enter the secret, at most 128 ASCII characters: Using a 40 bit security level.
WARNING: security level too small for the diffusion layer.
1-a8a0df4dd3
2-cf7a44fca7
3-0fbff7dd1d
4-bc0a06039a
5-7ccfb52232

When I tried to combine them back with only 2 shares: I got a resulting (wrong) secret

> ssss-combine -t 2
Enter 2 shares separated by newlines:
Share [1/2]: 1-a8a0df4dd3
Share [2/2]: 2-cf7a44fca7
WARNING: security level too small for the diffusion layer.
Resulting secret: u.V".
WARNING: binary data detected, use -x mode instead.

When I try to combine them back with the correct number of secrets

> ssss-combine -t 3
Enter 3 shares separated by newlines:
Share [1/3]: 1-a8a0df4dd3
Share [2/3]: 2-cf7a44fca7
Share [3/3]: 3-0fbff7dd1d
WARNING: security level too small for the diffusion layer.
Resulting secret: hello

I get the correct resulting secret.

Edit: The reason why this is correct is because it's an extra level of security; an attacker would have to steal n+1 shares to ensure that the got the correct secret.
Example: I have a random string as a secret and do a 3 by 5 again. with 2 shares the secret would look to be random, 3 shares the secret would still look to be random, only by getting the 4th share and the 3 share unlock being equivalent to the 4 share unlock would they know that this random string is the actual secret.

from pyseltongue.

Ohh that makes sense. I didn't think from that perspective.
Thanks for your explanation.

from pyseltongue.