Shamir's Secret Sharing

Shamir’s Secret Sharing is a mechanism by which N people may each have a piece of of information, such that when any M people come together the pieces can be used to reproduce a secret – but if only M-1 pieces are brought together, you have zero bits of the secret.

It’s a really clever bit of math, invented by Adi Shamir (of RSA fame) based on polynomials.

I’ve been looking at various implementations of the technique for some time and have been playing most significantly with “SSSS” by one Mr. B. Poettering. His code is wonderfully simple (as such things can be), and I had precisely no problems getting it working on my Mac.

I have, for some time, been maintaining a Github repo that incorporates his last build, a patch he offers but hasn’t actually packaged up into a new release, plus a few very minor touchups on my part.

I am happy to say that as of today, all of the major items I wished to accomplish are completed:

  1. Improved setup instructions / build and install process. That boils down to:
    • Better docs.
    • Making make resilient to not having xmltoman.
    • Adding a make install task.
  2. Add an option causing a failure to memlock to be a fatal error.
  3. More consistent use of stdout/stderr to facilitate automation.
  4. Cryptographically signed git tags so people can verify that my releases have not been tampered with.

As of today, all of the above are done. Please go check it out – and be sure to verify the tag before building (see the README.md for details!).

The only item on my TODO list remaining was a binary release – but I think that may wind up being supplanted by a Homebrew Formula, as Homebrew provides all the dependencies (MacPorts still doesn’t provide xmltoman), and has already managed to make my life easier than MacPorts ever did.

Enjoy!

security 315 words, est. time: 63 seconds.

« Beyond Putting a Burger In Your Shell Know What You're Actually Testing »

Comments

Copyright © 2016 - Jon Frisby - Powered by Octopress