Dividing encryption keys with Secret Sharp Shamir Secret

Secret Sharp is a free Windows program based on the Shamir Secret Sharing scheme, a way to divide the decryption key to distribute it in between multiple participants. Data decryption is not possible without more than one share, if one of the keys were to be compromised it would be useless to decrypt anything on its own. The only way to unlock encrypted data in a Shamir Secret scheme is with multiple keys, named shares, in Secret Sharp you can set up a minimum of 2 shares and a maximum of 100 shares.

The software can only encrypt text messages and it needs .NET installed for it to work in Windows. After launching Secret Sharp a wizard will ask you whether you want to Combine Shares to decrypt a message or Share A Secret to encrypt data.

When you create a new secret you will be asked how many parts you would like to create and how many of the shares will be needed to reconstruct the secret. As it might not be always possible to get all of the participants shares, you can create a secret made up of, for example, 10 shares, with only 4 of those shares needed to decrypt the data. This allows for members of the group to be away on holiday, deceased, etc, and the others will still be able to access the secret with any of the 4 keys structuring the 10 shares secret.

Secret Sharp rebuild Shamir shares

Secret Sharp rebuild Shamir shares

The person that creates the secret gets to view all of the shares before distributing them to the participants, it is imperative that the secret creator has a secure computer with no trojan horse and can not be unsettled, there is nothing stopping that person from making a copy of the shares before distributing them instead of securely wiping the shares.

To rebuild an encrypted secret you will need to be in possession of the necessary shares and stipulate to Secret Sharp how many shares are needed to reconstruct it, the latter can be told to everybody in the group without endangering the secret and should be written down somewhere during share distribution.

Secret Sharp is the Windows version of ssss (Shamir Secret Sharing Scheme), a command line program for UNIX machines that does the same thing and there are also Java implementations around that will work on any machine, like Mac computers.

You could find a Shamir Secret encryption program like Secret Sharp useful to leave written instructions to be opened if you die, instructions to be opened if you are captured by the enemy or just to make sure what there are at least two people reading the message and trust is not placed on a single person alone.

Visit Secret Sharp homepage

  1. 20 August, 2014
  2. 20 August, 2014

Leave a Reply

Your email address will not be published. Required fields are marked *