This is a distributed lockbox based on Shamir’s Secret Sharing Scheme. It can be used to split a message like:
the password is foobar
into keys like:
Ad5xdKFfyHQAYJRInVPN5DbyK7mDkxYBgkNtzxNBe1k1/6rPc7F1XT5yMys=
AqLbxUZGWNN/V8HG6aV4kwyglD1W3LC6tuZKILMXbwP8Tyk4cx9AC81CxcA=
A329qhu6KEWhsfK8xffgvhplCkHuEtLTUYVXjtMlYzW71KOec45TOZxSl5k=
BFqSupV0ZYCBOWvHAVQPfXgE9yjhQuHR3rEE4+67R7dzMjLLc14qpzYiNAs=
BYX01ciIFRZf31i9LQaXUG7BaVRZjIO4OdIZTY6JS4E0qbhtc885lWcyZlI=
any k (in this case, 2) of which can be recombined to produce the original message. You can use this to distribute a secret among trusted friends, relying on them to only combine keys if some prearranged condition is met (e.g. you lose your password and need it, or you die and want to give them access to your information.)
git submodule update --init
make
surf index.html
A demo lives at https://mrdomino.github.io/lockbox/.
- Rewrite
app.jsandapp.htmlto be saner/better-tested. - Expand functionality to encode longer-form messages with substitution.
- Come up with a reasonable text representation for keys and implement formatting/parsing for it.
- Verify that the message encoding scheme H(m) + m is secure against corruption and (reasonable) attack, or come up with a better one.
- Provide an option for truly paranoid people to manually enter entropy.
- Make the code work without
TypedArray(for rhino and older browsers). - Use GF(2m) for larger m to allow more keys.
- Automated testing.
- Add nicer documentation.
- Once it’s passed the “my mom can use it” bar, spread it around.
- The Galois Field implementation is based heavily on James Plank’s Fast Galois Field Arithmetic Library in C/C++.
- The SSSS API is inspired by point-at-infinity’s ssss.
- Seeing Larry Leinweber’s GF(2m) Elliptic Curve Calculator got me over the initial “waaah, I don’t want to write a Galois Field library in JavaScript” angst.
- Clipperz demonstrated the feasibility of zero-knowledge web-apps and client-side JavaScript crypto, and is one of few programs I regularly use that passes the “I have had drinks with the author” trust-bar. (Incidentally, I want this to be true for more software I use.)