Title: Securely share a secret using Shamir's secret sharing | |
Author: Solène | |
Date: 21 March 2021 | |
Tags: openbsd security | |
Description: | |
# Introduction | |
I will present you the program ssss (for Shamir's Secret Sharing | |
Scheme), a cryptography program to split a secret into n parts, | |
requiring at least t parts to be recovered (with t <= n). | |
Shamir Secret Sharing (method is mathematically proven to be secure) | |
# Use case | |
The project website list a few use cases for real life and I like them, | |
but I will share another use case. | |
ssss project website | |
I used to run a community but there was no person in charge apart me, | |
which made me a single point of failure. I decided to make the | |
encrypted backup available to a few kind of trustable community | |
members, and I gave each a secret. There were four members and I made | |
the backup password available only if the four members agreed to share | |
their secrets to get the password. For privacy reasons, I didn't want | |
any of these people to be able to lurk into the backup, at least, if | |
someone had happened to me, they could agree to recover the database | |
only if the four persons agreed on it. | |
# How to use | |
ssss-split is easy to use, you can only share text with it. So you can | |
use a very long passphrase to encrypt files and share this passphrase | |
into many secrets that you share. | |
You can install it on OpenBSD using pkg_add ssss. | |
In the following examples, I will create a simple passphrase and then | |
use the generated secrets to get the original passphrase back. | |
```ssss-split example | |
$ ssss-split -t 3 -n 3 | |
Generating shares using a (3,3) scheme with dynamic security level. | |
Enter the secret, at most 128 ASCII characters: [Note=>hidden input where I typ… | |
1-cfef7c2fcd283133612834324db968ef47e52997d23f9d6eae0ecd8f8d0e898b65 | |
2-e414b5b4de34c0ee2fbb14621201bf16e4a2df70a4b5a16a823888040d332d47a8 | |
3-0d4d2cebcc67851ed93da3c80c58fce745c34d1fb2d1341da29b39a94b98e0f353 | |
``` | |
When you want to recover a secret, you will have to run ssss-combine | |
and tell it how many secrets you have, they can be provided in any | |
order. | |
```ssss-combine example | |
$ ssss-combine -t 3 | |
Enter 3 shares separated by newlines: | |
Share [1/3]: 2-e414b5b4de34c0ee2fbb14621201bf16e4a2df70a4b5a16a823888040d332d47… | |
Share [2/3]: 3-0d4d2cebcc67851ed93da3c80c58fce745c34d1fb2d1341da29b39a94b98e0f3… | |
Share [3/3]: 1-cfef7c2fcd283133612834324db968ef47e52997d23f9d6eae0ecd8f8d0e898b… | |
Resulting secret: this is a very very long password | |
``` | |
# Tips | |
If you want to easily store a secret or share it to a non-IT person (or | |
in a vault), you can create a QR code and then print the picture. QR | |
code has redundancy so if the paper is damaged you can still recover | |
it, it's quite big on a paper so if it fades of you may not lose data | |
and it also checks integrity. | |
# Conclusion | |
ssss is a wonderful program to share a secret among a few people or put | |
a few secrets here and there for a recovery situation. The program can | |
receive the passphrase on its standard input allowing it to be | |
scripted. | |
Interesting fact, if you run ssss-combine multiple times on the same | |
text, you always get different secrets, so if you give a secret, no | |
brute force can be used to find which input produced the secret. |