Sharing secrets¶
Introduction¶
In the case of a temporary or permanent catastrophe, it would be good to have a system in place to share secrets with e.g. your spouse or a 3rd party. This could be the password and backup code for a password manager, or a key to an encrypted digital testament.
One way to do this is to split that password or key into N parts and distribute them to N trusted people. You also define how many K people are needed to reconstruct the secret. One of the more known algorithm to do this is called the Shamir Secret Sharing (SSS) algorithm.
Shamir Secret Sharing¶
SSS (Shamir's secret sharing) is used to secure a secret in a distributed form, most often to secure encryption keys. The secret is split into multiple shares, which individually do not give any information about the secret.
To reconstruct a secret secured by SSS, a number of shares is needed, called the threshold. No information about the secret can be gained from any number of shares below the threshold (a property called perfect secrecy).
Test it out here: iancoleman.io/shamir
Code implementations¶
| Repo | Language | Stars |
|---|---|---|
| jesseduffield/horcrux | Go |  |
| shea256/secret-sharing | Python |  |
| dsprenkels/sss | C |  |
| paritytech/banana_split | Javascript |  |
| iancoleman/shamir | Javascript |  |
| timtiemens/secretshare | Java |  |
| corvus-ch/shamir | Go |  |
| teqneers/shamir | PHP |  |
| kurtbrose/shamir | Python |  |
| shamir_secret_sharing | Rust |