python-gfshare 1.0.0 documentation

Author: Chris Lamb <>

This Python library implements Shamir’s method for secret sharing which can be used to split a “secret” into multiple parts. An arbitrary number of those parts are then needed to recover the original file but any smaller combination of parts are useless to an attacker.

For instance, you might split a GPG key into a “3-of-5” share, putting one share on each of three computers and two shares on a USB memory stick. You can then use the GPG key on any of those three computers using the memory stick. If the memory stick is lost you can ultimately recover the key by bringing the three computers back together again.

Under the hood it uses Daniel Silverstone’s libgfshare library.


>>> import gfshare
>>> shares = gfshare.split(3, 5, b"secret")
>>> shares
{104: b'1\x9cQ\xd8\xd3\xaf',
 164: b'\x15\xa4\xcf7R\xd2',
 171: b'>\xf5*\xce\xa2\xe2',
 173: b'd\xd1\xaaR\xa5\x1d',
 183: b'\x0c\xb4Y\x8apC'}
>>> gfshare.combine(shares)

We remove 2 shares. We can still reconstruct the secret as we have 3 out of the 5 originals.

>>> del shares['104']
>>> del shares['171']
>>> gfshare.combine(shares)

After removing another share we now cannot reconstruct the original secret.

>>> del shares['164']
>>> gfshare.combine(shares)



Generate an “n-of-m” share of a given secret into a number of shares.

The threshold number of shares cannot exceed the total share count.

  • threshold (int) – The number of shares required to reconstruct the secret (min: 1).
  • sharecount (int) – The total number of shares to make (min: 2)
  • secret (bytes) – The secret to split.

The generated shares associated with their share number.

Return type:



ValueError, TypeError


Combine a number of shares generated by split() to form the original secret.

If the share cannot be reconstructed, the result is undefined.

Parameters:shares (dict) – A dict of int, bytes pairs.
Returns:The original secret (if available)
Return type:bytes
Raises:ValueError, TypeError, RuntimeError