secret-splitter 1.0.0

Split secrets into T pieces, or recover split secrets by recombining any D pieces.

Split secrets into T pieces. The secret can be recovered by recombining any D pieces.

Overview (wikipedia)

This module implements:

• block-wise SSS: a block-wise version of Shamir's secret sharing. Full implementation details on https://secret-splitter.com.

Splitting is done by:

1. Apply a random mask to the secret
2. For each block of the mask, generate a polynomial of degree D-1
3. A piece consists of the masked secret and one point of each polynomial

Recovering is done by:

1. Collect D pieces: D polynomials for each block of the mask
2. Interpolate the points to retrieve the blocks of the mask
3. Recover the secret by re-applying the mask to the masked version

A puzzle piece is a yaml serialisation of the following mapping:

# string, tells if the secret encoded is a string encoded as UTF-8 ("utf-8") or a raw stream of bytes ("none")
encoding: utf-8

# one  puzzle piece, exact format depending on the implementation
# this implementation stores a sequence of [point, value] items, one per block of the secret
# Flow-sequence format preferred to keep it on one line
puzzle piece: [[1,258],[1,3]]

# base64 representation of the result of the mask XOR the byte representation of the secret
encoded secret: YXo=

# name of the algorithm used for splitting
algorithm: block-wise SSS

# different algorithms might add additional information required for recovering the secret.

Working on blocks makes the algorithm linear in the number of bytes of the secret rather than exponential.