Using a "backdoor" password in addition to Shamir? #3

Open
PowerPress opened this issue Dec 1, 2020 · 3 comments

Comments

@PowerPress

Does this only support SSSS or can you use a password as well with AES encryption?

@cyphar
Owner

cyphar commented Dec 2, 2020

I have thought about adding a "backdoor" password which lets you recover the document if you remember the password, but it's not supported yet (also this project is still a work-in-progress). The issue is that a weak password makes the backup scheme much weaker because you're likely to make multiple copies of the main document and hand it to several people.

Also we don't use AES, we use ChaCha20-Poly1305.

@cyphar cyphar changed the title Encryption Using a "backdoor" password in addition to Shamir? Dec 24, 2021
@X-Ryl669

It's very simple. Run SS once with 2 shares. One is the "backdoor password". Use the second share's key as the document to run SS again, but this time with N shares.

@cyphar
Owner

cyphar commented Dec 27, 2021

A 1-threshold scheme is the same as just having the secret key (it's a degree-0 polynomial with the constant being the secret -- so f(x) = secret). I guess we could just give the user a bip39-encoded version of the secret key if they want to keep a copy (though we'd need to give them the Ed25519 key as well if we want them to be able to mint new shards).

But the original suggestion was to have a passphrase the user picks, and use that as the "backdoor" passphrase. This would require embedding the secret key (encrypted with the passphrase) in the main document, which I don't feel super comfortable doing.
