Bitcoin Forum
March 28, 2024, 07:13:28 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [ANN] PassGuardian.com - Client-side threshold secret sharing  (Read 2402 times)
amper5and (OP)
Newbie
*
Offline Offline

Activity: 8
Merit: 1



View Profile
February 11, 2013, 12:23:14 AM
Last edit: February 15, 2013, 11:50:04 PM by amper5and
Merited by Financisto (1)
 #1

Hello folks,

I am pleased to announce http://passguardian.com. This is a a client-side (browser) implementation of Shamir's threshold secret sharing scheme. In a nutshell, this helps safeguard your secrets by breaking them into cryptographically-secure "shares". A user-defined threshold number of shares are required to reconstruct the original secret. The secret cannot be derived from individual shares.

It is currently hosted on GitHub (https://github.com/amper5and/secrets.js/tree/gh-pages). PassGuardian.com uses the open-source secrets.js (https://github.com/amper5and/secrets.js) implementation of Shamir's sharing scheme. The finite field used in the online version is 8 bits, allowing up to 255 shares.

All computations are performed client-side, in your browser, without transmission of any secrets or shares to the server. Stand-alone and mobile versions are being considered if there is interest.

Currently you can share text and hexadecimal strings. Support for files (drag-and-drop) and QR codes is in development.

For example, to split your private key, paste the hexadecimal version into the input box, select "hexadecimal", select the number of shares and the threshold, then click "split."

This is a work-in-progress, and hopefully I will be able to expand it and add more Bitcoin-specific features over the next couple of weeks.

Feedback, bug reports, suggestions, and criticisms are all very welcome.

Regards,
amper5and
1711653208
Hero Member
*
Offline Offline

Posts: 1711653208

View Profile Personal Message (Offline)

Ignore
1711653208
Reply with quote  #2

1711653208
Report to moderator
1711653208
Hero Member
*
Offline Offline

Posts: 1711653208

View Profile Personal Message (Offline)

Ignore
1711653208
Reply with quote  #2

1711653208
Report to moderator
Transactions must be included in a block to be properly completed. When you send a transaction, it is broadcast to miners. Miners can then optionally include it in their next blocks. Miners will be more inclined to include your transaction if it has a higher transaction fee.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711653208
Hero Member
*
Offline Offline

Posts: 1711653208

View Profile Personal Message (Offline)

Ignore
1711653208
Reply with quote  #2

1711653208
Report to moderator
1711653208
Hero Member
*
Offline Offline

Posts: 1711653208

View Profile Personal Message (Offline)

Ignore
1711653208
Reply with quote  #2

1711653208
Report to moderator
1711653208
Hero Member
*
Offline Offline

Posts: 1711653208

View Profile Personal Message (Offline)

Ignore
1711653208
Reply with quote  #2

1711653208
Report to moderator
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526
Merit: 1128


View Profile
February 11, 2013, 05:41:06 PM
 #2

Congrats, this is very cool. I tried it and indeed, no network traffic is sent. It'd be good to have this as a downloadable app though (you could just bundle it up into a single HTML file).

This isn't quite a replacement for CHECKMULTISIG, because that lets you avoid any one party ever having the ability to spend the guarded output, whereas with secret sharing once the threshold is reached each participant (that has access to the shares) has full authority. However, the ability to split arbitrary secrets including text is interesting and may well open up many other applications. At least I'm glad to see someone exploring this.

The next step IMHO is to implement threshold RSA signatures. This is useful because common code signing schemes as used on Android, Windows and MacOS require a standard signature, but we would like to be able to use reproducible builds and threshold signatures to ensure only builds agreed on by a quorum are signed. The current defacto status is that only one person can sign builds. For the Android app, if Andreas "goes away" or gets corrupted, the whole scheme tumbles down. If the signing key were split such that packages were signed with threshold signatures then we could solve this problem.

There is a discussion of threshold RSA here.
alphaguru
Newbie
*
Offline Offline

Activity: 26
Merit: 0


View Profile
February 12, 2013, 11:02:54 AM
 #3

i like this, i was using PGP before but this seems to be alot easier to use for quick encrypting and decryption
amper5and (OP)
Newbie
*
Offline Offline

Activity: 8
Merit: 1



View Profile
February 15, 2013, 11:49:11 PM
 #4

Congrats, this is very cool. I tried it and indeed, no network traffic is sent. It'd be good to have this as a downloadable app though (you could just bundle it up into a single HTML file).
Thanks for the feedback. I also want to make a standalone app. Currently in development. Before I release that, this can be optimized so much with Web Workers. The beauty of Shamir's scheme is that it is highly "parallelizable". Using webworkers, share generation can be sped up and allow for efficient file sharing in the browser as well. This will be the focus of the next major tweaks to PassGuardian.

Quote
This isn't quite a replacement for CHECKMULTISIG, because that lets you avoid any one party ever having the ability to spend the guarded output, whereas with secret sharing once the threshold is reached each participant (that has access to the shares) has full authority.
Def not a replacement for multisig. This addresses a different problem.

Quote
The next step IMHO is to implement threshold RSA signatures...
Thank you for the link. Very interesting. I hope to tackle that and secure multi-party computation at some point, but it will be a while before I do that.
amper5and (OP)
Newbie
*
Offline Offline

Activity: 8
Merit: 1



View Profile
February 15, 2013, 11:53:34 PM
 #5

i like this, i was using PGP before but this seems to be alot easier to use for quick encrypting and decryption

I'm glad you find it useful, but please do not use it as a replacement for PGP. They solve two different problems.
Scrat Acorns
Sr. Member
****
Offline Offline

Activity: 293
Merit: 250



View Profile
February 16, 2013, 12:13:37 AM
 #6

"ssss" on the browser. Very cool!

You should package it in a single .html file and list the hash/pubkey on github (just like bitaddress is doing) to make verification possible.
Financisto
Hero Member
*****
Offline Offline

Activity: 630
Merit: 767

BTC⇆⚡⇄BTC


View Profile WWW
December 01, 2013, 12:44:50 AM
 #7

Very well done app! Congratulations.

I liked it so much. Specially the offline version available at: https://github.com/amper5and/secrets.js/tree/gh-pages

Gonna add this to my "crypto-stuff" collection.

Hope to see further development on this...

Keep up the good work!

Thanks!

BitcoinTalk's ESCROW Providers: Ranking & BlacklistCompilation of (open-source) BRAINWALLET projectsBTC ⇆⚡⇄ BTCBTC aka BTC: 16MBvhaJoRBxW3Vk6apnvz3UYT9HAgraVS ⚡ PGP: 2680207AA9A1B69FE7A033D80DE0F221074384C4 ⚡ If you think freedom matters, please help funding the development of these privacy projects (donating some sats): TailsQubes OSWhonixVeraCryptPicocryptKryptor
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!