Visit our FacebookVisit our TwitterVisit our YouTube channel
ALVOSEC

Shamir's Secret Sharing Scheme

2022-11-27
Mirsad

Shamir's Secret Sharing (SSS) is an efficient secret sharing algorithm for distributing private information (the "secret") in such a way that no individual holds intelligible information about the secret. To achieve this, the secret is converted into parts (the "shares") from which the secret can be reassembled when a sufficient number of shares are combined but not otherwise. SSS has the unusual property of information theoretic security, meaning an adversary without enough shares cannot reconstruct the secret even with infinite time and computing capacity. A standard SSS specification for cryptocurrency wallets has been widely implemented.

If you want to use even more advanced way of storing password or cryptocurrency private key, then you can use ssss - (Shamir's Secret Sharing Scheme), a cryptography program to split a secret into n parts, requiring at least t parts to be recovered (with t <= n).

sudo apt install ssss

Then we have two options ssss-combine and ssss-split, in our case we will use ssss-split:

ssss-split -t 3 -n 3 -w btc -s 128
Generating shares using a (3,3) scheme with a 128 bit security level.
Enter the secret, at most 128 ASCII characters:

Enter your password which you want to split in 3 parts. We've also added option -w and -s that enforce security level (in bits).

-w token Text token to name shares in order to avoid confusion in case one utilizes secret sharing to protect several independent secrets. The generated shares are prefixed by these tokens.

-s level Enforce  the  scheme's  security level (in bits). This option implies an upper bound for the length of the shared secret (shorter secrets are padded). Only multiples of 8 in the range from 8 to 1024 are allowed. If this option is omitted (or the  value  given  is 0) the security level is chosen automatically depending on the secret's length. The security level directly determines the length of the shares.

Output will look like this:

Generating shares using a (3,3) scheme with a 128 bit security level.
Enter the secret, at most 128 ASCII characters: Using a 160 bit security level.
btc-1-e9df9b4fba7fa9ff09792526247d56d9d
btc-2-5f1968dbcf9d25d58bf09bbe8437cb8bc
btc-3-86caf1799b546be9e3213486ec945e9a4

Now let's combine all 3 shares to recover our secret password:

ssss-combine -t 3
Enter 3 shares separated by newlines:
Share [1/3]: btc-1-e9df9b4fba7fa9ff09792526247d56d9d
Share [2/3]: btc-2-5f1968dbcf9d25d58bf09bbe8437cb8bc
Share [3/3]: btc-3-86caf1799b546be9e3213486ec945e9a4
Resulting secret: 561cPJbLWFwWOMxtEcpE

Three secret shares can be stored on three different locations, but remember that all of them are conditioned by each other in any order!

Join our team

If you're interested in joining our team to assist in researching modern threats across web3, please don't hesitate to reach out to us.

Contact Us

Ready for Action?

Don’t hesitate to contact us if you need more information.
Let's Go!
ALVOSEC
BTC: bc1qnn4zfqqtexl4fkjk2vz6tk74sn92x326wwn0ph

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram