https://github.com/multiparty/bwwc

Centralized asynchronous secure aggregation using Shamir's secret sharing for the Boston Women's Workforce Council.
https://github.com/multiparty/bwwc

cryptography secure-multiparty-computation shamir-secret-sharing smpc

Last synced: 29 days ago
JSON representation

Centralized asynchronous secure aggregation using Shamir's secret sharing for the Boston Women's Workforce Council.

• Host: GitHub
• URL: https://github.com/multiparty/bwwc
• Owner: multiparty
• Created: 2023-03-09T18:25:15.000Z (about 3 years ago)
• Default Branch: main
• Last Pushed: 2025-05-08T19:00:52.000Z (11 months ago)
• Last Synced: 2025-05-08T20:19:40.830Z (11 months ago)
• Topics: cryptography, secure-multiparty-computation, shamir-secret-sharing, smpc
• Language: TypeScript
• Homepage:
• Size: 39.3 MB
• Stars: 4
• Watchers: 3
• Forks: 0
• Open Issues: 2
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
### Boston Women's Workforce Council

This system implements Shamir's secret sharing with asymmetric key cryptography to aggregate and sum tables containing secret values. View this [notebook](https://github.com/ch3njust1n/cryptography/blob/main/Shamirs%20Secret%20Sharing.ipynb#enroll-beta) to learn more about Shamir's Secret Sharing.

### Setup

[Client README](client/README.md)

[Backend README](backend/README.md)

### Workflow

**1. Analyst: Login**



**2. Analyst: Create session**

- Generates a keypair and sends the public key to the server where it can be retrieved by participants submitting data.

- The analyst must download the private key to their local system.



**3. Analyst: Generate submission URLs**



**4. Participant: Get prime and public key**

- Participant submits their table data. The client code then converts each cell into secret shares and encrypts 1 plus the threshold number of shares needed to decrypt. This prevents a malicious server from reconstructing the original tables.



**5. Participant: Submits data**

- Check off the box that all data is correct.

- Click submit.



**6. Analyst: View submission history**

- Client code periodically polls the server from submission history metadata.



**7. Analyst: Stop session**

- When the analyst clicks stop, the backend sets a flag to disable any further submissions.

- The backend then merges all the tables together by adding the shares that are not encrypted with a participants private key.



**8. Analyst: Get submissions**

- After clicking reveal results, the client changes views to the decryption page.

- The analyst opens their private key file to decrypt and then recombine the secret shares to get the actual summed results.