 |
Title: Securely share a secret using Shamir's secret sharing |
|
Author: Solène |
|
Date: 21 March 2021 |
|
Tags: openbsd security |
|
Description: |
|
|
|
# Introduction |
|
|
|
I will present you the program ssss (for Shamir's Secret Sharing |
|
Scheme), a cryptography program to split a secret into n parts, |
|
requiring at least t parts to be recovered (with t <= n). |
|
|
 |
Shamir Secret Sharing (method is mathematically proven to be secure) |
|
|
|
# Use case |
|
|
|
The project website list a few use cases for real life and I like them, |
|
but I will share another use case. |
|
|
|
ssss project website |
|
|
|
I used to run a community but there was no person in charge apart me, |
|
which made me a single point of failure. I decided to make the |
|
encrypted backup available to a few kind of trustable community |
|
members, and I gave each a secret. There were four members and I made |
|
the backup password available only if the four members agreed to share |
|
their secrets to get the password. For privacy reasons, I didn't want |
|
any of these people to be able to lurk into the backup, at least, if |
|
someone had happened to me, they could agree to recover the database |
|
only if the four persons agreed on it. |
|
|
|
# How to use |
|
|
|
ssss-split is easy to use, you can only share text with it. So you can |
|
use a very long passphrase to encrypt files and share this passphrase |
|
into many secrets that you share. |
|
|
|
You can install it on OpenBSD using pkg_add ssss. |
|
|
|
In the following examples, I will create a simple passphrase and then |
|
use the generated secrets to get the original passphrase back. |
|
|
|
```ssss-split example |
|
$ ssss-split -t 3 -n 3 |
|
Generating shares using a (3,3) scheme with dynamic security level. |
|
Enter the secret, at most 128 ASCII characters: [Note=>hidden input where I typ… |
|
1-cfef7c2fcd283133612834324db968ef47e52997d23f9d6eae0ecd8f8d0e898b65 |
|
2-e414b5b4de34c0ee2fbb14621201bf16e4a2df70a4b5a16a823888040d332d47a8 |
|
3-0d4d2cebcc67851ed93da3c80c58fce745c34d1fb2d1341da29b39a94b98e0f353 |
|
``` |
|
|
|
When you want to recover a secret, you will have to run ssss-combine |
|
and tell it how many secrets you have, they can be provided in any |
|
order. |
|
|
|
```ssss-combine example |
|
$ ssss-combine -t 3 |
|
Enter 3 shares separated by newlines: |
|
Share [1/3]: 2-e414b5b4de34c0ee2fbb14621201bf16e4a2df70a4b5a16a823888040d332d47… |
|
Share [2/3]: 3-0d4d2cebcc67851ed93da3c80c58fce745c34d1fb2d1341da29b39a94b98e0f3… |
|
Share [3/3]: 1-cfef7c2fcd283133612834324db968ef47e52997d23f9d6eae0ecd8f8d0e898b… |
|
Resulting secret: this is a very very long password |
|
``` |
|
|
|
# Tips |
|
|
|
If you want to easily store a secret or share it to a non-IT person (or |
|
in a vault), you can create a QR code and then print the picture. QR |
|
code has redundancy so if the paper is damaged you can still recover |
|
it, it's quite big on a paper so if it fades of you may not lose data |
|
and it also checks integrity. |
|
|
|
# Conclusion |
|
|
|
ssss is a wonderful program to share a secret among a few people or put |
|
a few secrets here and there for a recovery situation. The program can |
|
receive the passphrase on its standard input allowing it to be |
|
scripted. |
|
|
|
Interesting fact, if you run ssss-combine multiple times on the same |
|
text, you always get different secrets, so if you give a secret, no |
|
brute force can be used to find which input produced the secret. |
