Join Log in
Score:0
Wulle avatar Crypto

How to maximise compatibility of Shamir's Secret Sharing

dk flag
Wulle

I want to create a shared secret from a short string (e.g. a password) which should be easy to decrypt also in the long term. Unfortunately, I have quite a hard time to make the different tools work with each other (e.g. encrypt with ssss and decrypt using an online tool like that one.)

  1. How should one convert the string into a hex/int? Most tools have some str2hex methods implemented. But to maximise compatibility, it is probably best, to use one defined method for this conversion?
  2. Which format of the key is most common? ssss uses something like <share-num>-<key> where simply counts from 1. The online tool I linked above does have seemingly arbitrary prefixes (e.g. 801 to 80n)
  3. As described in this post, there seems to be no 'reference' implementation. But which implementation is the most common and future proof?

Example:

I encrypted the simple message hello world with $n=3$ and $k=5$. I get the following shares with different methods:

801677cc787a261d8f85c21695ed7479db5a8c711db5be53f886353611e36a4a18885faac6325630566b1d0690242683a08f7ab08b43d88a035518381049a32e7d1c015548805580cd627a6a212092b6baf3a59b4375ef629686504d60831198e9605ea1e4a816ad7a02b57fa365abaf2b0504a80c548b2322bc9a8fb04cbcf8138

802a79ba64974e16330798f1bb91b40190ff56e0208703767fd54fd24f05b1053ae7fab8ee6774f00c07e84a27e577c3a368d9f531f8b8424fdc37219c826aa8924a3a38f6dc1321e574721036dfbec4770410023dff463d26d00a3593a34048656cb443eaa9f39e83dc8869df1def6a53990d999dc3202165a68f783aaeccd58ba

803c0e761ced680bbc825ae72e7cc0784ba5da913d32bd2587537ae45ee6db4f226fa512285522c05a6cf54cb7c1514003e7a345babb60c84c892f198ccbc986ef563b6dbe5c46a12816087a17ff2c72cdf7b5997e8aa95fb0565a78f32051d08c0ceae20e01e533f9de3d067a3842057fbc0fc196e7a90241ea13378c22767d9ea

804eaba85e75c53d933d110357bac9fcae32d0f84a6dfc9aa00da96f7ea6a2996f7435e0a511a8028adf8f18409c57251f4e254b78be80bb181025d2aaa70567a1ea3459f4794562411aa9f73e36817f02c56f2035dc8b483140fcd35dc2dd0372da88674b119e1bce7cfbeea9714e93a8bfdc90553d608f9cb6b7fa6a5448bb104

8058dc64260fe3201cb8d315c257bd8575685c8957d842c9588b9c596f45c8d377fc6a4a6323fe32dcb4921ed0b871a6bfc15ffbf3fd58311b453deabaeea649dcf6350cbcf910e28c78d39d1f1613c9b836cabb76a9642aa7c6ac9e3d41cc9b9bbad6c6afb988b6b47e4e810c54e3fc849adec85e19e9acb8fa2bb5dcd8f213054

1-fb7b07816f2939e51e0494f7434c814c5f915b456bcbe6847f4b25c86997b0d9493910593e02d73f597cb7baaa169e6e709bccf75ae109dd3d423846d277bedad105de8f8cfa4ea1440c4605befd7972886099091daec2dd7ca42de0747c2c4948b81faaba739772457ad9aea91dcb56aafe35b7b27e57a91450d24e3879adbb

2-10ede114c4320a7000bcfb640013659c83d3402bc1ff1c6b79e189a14e162ab7ca2c24a2ddf85cb0f6e1028ebf9b9467b41917731a15be9edb8d3daba2e146e525b681f5aa29a5c8fe470e1df0b7457b35b219bc52ba1033a5469b5146519a2290e49173a68fbc7492cd9ebd8281a56c785e220e1ab8e767d092a7cb6e22fac9

3-605e2829637d01aa1386dc882365aab75e718b2896260df53e8d5f0bb983625aa636a282f302f026938ddc168b766004bdf6ddd07c1888c42c9897c127b1691da5b5984b18d0dc056324ce37f424f5ac7e9412cea1390ad07b067d4b5b491deb2d250cc813363e6d3e5229c8eaafbb2b7948469256eca8ec2ed1c213bcafc873

4-548866a1dbe6fd4db9e23d793b7acf236b6729308eb600cf87d458bdc2d2505727d609a0c92dcd4ea951e40bfed6cc6b9964359dda908b061625206841301e756abf9c5fd13796d8e082b7d2202665d9ac4df17df945bf0e412e18d0631e3000463b0483559bf3e597eaf42509ee06254aee5f15c7e667e3870ef89d6468563b

5-243baf9c7ca9f697aad81a95180c0008b6c5e233d96f1151c0b88e17354718ba4bcc8f80e7d761d8cc3d3a93ca3b3808908bff3ebc9dbd5ce1308a02c460318deabc85e163ceef157de177f824b5d50ee76bfa0f0ac6a5ed9f6efeca7e06b7c9fbfa9938e02271fc3b75435061c018624bf83b898bb22868794d9d45b6e56493

f-2c9d7393bc96215d194b1
e-d1268921fa76f8cb67Aafa
d-b87637f53fbe31132fe68
c-913acb42Ad3ca172729e3a
b-82f14b7b6053c474e7cb41

I was not able to decrypt any of those shares with a different tool which makes the whole process more or less useless (if for example some tools do not work in the future anymore).

Do you have any tips, how I should process the messages for a maximum compatibility also in the future?

41
1 + 0
Score:1
Richard Thiessen avatar Crypto
mx flag
Richard Thiessen

Javascript is unlikely to dissapear or change to cause incompatibility. Old JS applications packaged as a single web page with all dependencies run just fine.

So consider turning the message into several share.html files. The file would contain the message share, some text boxes or a file upload form in which to paste additional shares and a copy of secret.js.

As an alternative you could use a bookmarklet. The bookmarklet can likely be small (300 chars maybe) and just prompt the user with some text alert boxes or something.

A little bit of extra work can turn the resulting web page into a quine if you feel like getting fancy, allowing that page to spit out another set of secret shares for something else.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.