Split secrets into pieces, or attemp to recover secrets by recombining a subset of pieces.
Project description
Secret Splitter
- Turn your digital secrets into digital puzzles (literally).
- Distribute the pieces among a group of people.
- Anyone can decode the secret by collecting all the pieces back.
- But if even one piece is missing, all they have is random data.
- You then trust that group of people to only share their pieces for a good reason.
- You can add resilience by allowing for some pieces to be missing / corrupt.
This module implements:
-
block-wise SSS
: a block-wise version of Shamir's secret sharing. Full implementation details on https://secret-splitter.com.Working on blocks makes the algorithm linear in the number of bytes of the secret rather than exponential.
Splitting
- Apply a random mask to the secret
- For each block of the mask, generate a polynomial of degree D-1
- A piece consists of the masked secret and one point of each polynomial
Recovery
- Collect D pieces: D polynomials for each block of the mask
- Interpolate the points to retrieve the blocks of the mask
- Recover the secret by re-applying the mask to the masked version
Standard piece format
A puzzle piece is a yaml serialisation of the following mapping:
# string, tells if the secret encoded is a string encoded as UTF-8 ("utf-8") or a raw stream of bytes ("none")
encoding: utf-8
# one puzzle piece, exact format depending on the implementation
# this implementation stores a sequence of [point, value] items, one per block of the secret
# Flow-sequence format preferred to keep it on one line
puzzle piece: [[1,258],[1,3]]
# base64 representation of the result of the mask XOR the byte representation of the secret
encoded secret: YXo=
# name of the algorithm used for splitting
algorithm: block-wise SSS
# different algorithms might add additional information required for recovering the secret.
Installation
-
Using PyPi
python3 -m pip install secret-splitter
-
From source
git clone https://git.sr.ht/~retzoh/secret-splitter-py && cd secret-splitter-py && python3 -m pip install .
Usage
-
Command line
echo "secret" | python3 -m secret_splitter split 3 2 --stdin | python3 -m secret_splitter solve
See
python3 -m secret_splitter --help
for all options. -
Python script
>>> from secret_splitter import split, solve >>> pieces = split('secret', 3, 2) >>> secret = solve(pieces)
Contibute
Contributions of new algorithms are welcome as long as they pass the test & lint suite.
To add a new algorithm, create src/secret_splitter/algorithm.py and add it to ALGORITHMS in src/secret_splitter/secret_splitter.py.
Install redo and run redo
from the root folder to run the tests.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for secret_splitter-1.6.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3c60b2857526bbcc6b4cf9c438e113b3c06f23e3aa7c991241d166622f07c70a |
|
MD5 | 9bcd887003678aa7cc38ada7a8b871a6 |
|
BLAKE2b-256 | 1eb283d35c15329eaec6c72a03364ce6b6229e5d5864a77bf4c818bdc2b1704b |