Add a way for a key share holder to prove that they still control the share

[fjarri]

It may be useful if any key share holder could prove separately, without invoking the rest of the holders, that they still control the share (that is, have its secret data). The secret data in a KeyShare is, currently:

• the share itself (a Scalar)
• an RSA key (a pair of primes)
• a power lambda for ring-Pedersen commitment (an Uint), where the commitment is a public pair (s, t) such that s = t^lambda. This power is currently not stored in the keyshare since it is not used anymore, but it may be, for the purpose of implementing the functionality in this issue.
• an el-Gamal key (a Scalar) (currently unused, intended for use in Implement Presigning/Signing with O(N) identification cost #36)

The API is probably that of an interactive challenge, where the user will provide some data, and we generate a proof that can be verified with the public part of a key share. For the Scalars just using them as signing keys to sign the data would probably work, as for the lambda and the RSA keys, not sure at the moment.