Skip to content
Scala implementation of shamir's secret-sharing scheme.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Scala -- Shamir's Secret Sharing Scheme

Build Status

This is a scala implementation of Shamir's Secret Sharing Scheme algorithm. See the original pdf


Imagine you do not want to leave the password for launching all your countries nukes in the hand of the president. Instead you decide the secret password I was elected to lead not to read gets distributed to the president, vice president, first lady, influential lobbyist and general of the army. Now you want to allow the nuke whenever 3 of the 5 decide so.

That's what SSSS (Shamir's Secret Sharing Scheme) does. The secret gets split up in n parts and whenever you have at least k of the n parts you can restore the original secret. k - 1 parts of the secret do not help you in any way.

Basic Usage

Add to your build.sbt

    resolvers += "jitpack" at ""
    // scala versions
    libraryDependencies += "com.github.yannick-cw" % "scalaSSSS_2.11" % "0.1.1"	
    libraryDependencies += "com.github.yannick-cw" % "scalaSSSS_2.12" % "0.1.1"	
import SSSS._

val secret = "I was elected to lead not to read"
val secretShares: Either[ShareError, List[Share]] =
  shares(secret = secret, requiredParts = 3, totalParts = 5)

val eitherSecret: Either[ShareError, String] = 
  secretShares.flatMap(shares => combine(shares.take(3)))

// prints "I was elected to lead not to read"

The secret can be restored with any number of shares between requiredParts to totalParts and the ordering does not matter.

The resulting Share case class:

case class Share(x: BigInt, y: BigInt, hash: Array[Byte], primeUsed: String)

The share case class carries all information needed for recombination. The hash is a sha-256 hash and can be used to reidentify shares belonging to the same secret. Furthermore it is used to verify that a valid secret was restored. The primeUsed is a BigInt prime needed for security reason.

Input restraints

  • requiredParts must be less than totalParts
  • requiredParts and totalParts must be bigger 0
  • List[Share] must be non empty
  • List[Share] all shares must have the same hash
  • List[Share] all shares must have the primeUsed


Currently the maximum support input size is 4096 bit. This translates to a maximum of 512 Characters. This limit is given by the maximum pre generated prime number with 4100 bit.

If you feel like hitting this limit I'd recommend encrypting your secret and sharing the private key via SSSS.

There are no limitations on the input size of requiredParts but it might take a while for values >> 1000.

More Usage

Additionally you can pass in a scala.util.Random if you'd like to supply your own. Furthermore the share and combine methods support String, Array[Byte] and BigInt as input and output.

You can’t perform that action at this time.