Split secrets into pieces, or attemp to recover secrets by recombining a subset of pieces.
Project description
Secret Splitter
- Turn your digital secrets into digital puzzles (literally).
- Distribute the pieces among a group of people.
- Anyone can decode the secret by collecting all the pieces back.
- But if even one piece is missing, all they have is random data.
- You then trust that group of people to only share their pieces for a good reason.
- You can add resilience by allowing for some pieces to be missing / corrupt.
This module implements:
-
block-wise SSS: a block-wise version of Shamir's secret sharing. Full implementation details on https://secret-splitter.com.Working on blocks makes the algorithm linear in the number of bytes of the secret rather than exponential.
Splitting
- Apply a random mask to the secret
- For each block of the mask, generate a polynomial of degree D-1
- A piece consists of the masked secret and one point of each polynomial
Recovery
- Collect D pieces: D polynomials for each block of the mask
- Interpolate the points to retrieve the blocks of the mask
- Recover the secret by re-applying the mask to the masked version
Standard piece format
A puzzle piece is a yaml serialisation of the following mapping:
# string, tells if the secret encoded is a string encoded as UTF-8 ("utf-8") or a raw stream of bytes ("none")
encoding: utf-8
# one puzzle piece, exact format depending on the implementation
# this implementation stores a sequence of [point, value] items, one per block of the secret
# Flow-sequence format preferred to keep it on one line
puzzle piece: [[1,258],[1,3]]
# base64 representation of the result of the mask XOR the byte representation of the secret
encoded secret: YXo=
# name of the algorithm used for splitting
algorithm: block-wise SSS
# different algorithms might add additional information required for recovering the secret.
Installation
-
Using PyPi
python3 -m pip install secret-splitter -
From source
git clone https://git.sr.ht/~retzoh/secret-splitter-py && cd secret-splitter-py && python3 -m pip install .
Usage
-
Command line
echo "secret" | python3 -m secret_splitter split 3 2 --stdin | python3 -m secret_splitter solveSee
python3 -m secret_splitter --helpfor all options. -
Python script
>>> from secret_splitter import split, solve >>> pieces = split('secret', 3, 2) >>> secret = solve(pieces)
Contibute
Contributions of new algorithms are welcome as long as they pass the test & lint suite.
To add a new algorithm, create src/secret_splitter/algorithm.py and add it to ALGORITHMS in src/secret_splitter/secret_splitter.py.
Install redo and run redo from the root folder to run the tests.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for secret_splitter-1.8.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 7f224d362d07f5ea0257a7b61e55df8f0eab9b146639f482fdf201d3832d7ee0 |
|
| MD5 | 4dd392710aa797129cab9ad2ff796494 |
|
| BLAKE2b-256 | d24ba422367051caf375e78b2272b1438cd7ea379b3ce49250c2dc53483ad4f3 |
