sharing secrets with php

TEQneers GmbH & Co. KG www.teqneers.de

Slide

Secret SharingSplit Brains

1

http://www.teqneers.de


Slide

Password

‣Everything online or sensitive has a password

‣Usually known by single person

‣Person gone = password gone

‣Equivalent to a door's lock

2



Slide

Multi people examples

‣NSA access to mobile devices

‣Four-eyes principle for admins

‣Joint bank account of a company

‣Lawyer needs six family member to open a will

‣Nuclear missile launch system

‣and many more

3



Slide

Advances examples

‣Bank account: access by any 2 of 4 people

‣Nuclear missile: hierarchy of passwords (president counts 3 votes, SoD counts 2, ...)

‣Will: family member die before you, don't want to de-/encrypt will again and send out passwords

‣Will: new family member without redistributing passwords to all again

‣Four-eyes principle: admins can do some operation only with another admin

4



Slide

Characteristic of multi PW solution

‣Exposure of 1 sub password doesn't expose any more hints to attacker

‣All sub passwords required to obtain solution

‣Knowledge of all-but-one no better than knowing none

‣Sub passwords have same magnitude in length than master password

5



Slide

Characteristic of multi PW solution

‣Generate new passwords, because one got exposed, without re-issuing the others

‣Keep sub passwords despite additions/deletions

‣Generate new viable sub password without re-issue

6



Slide

Ideas?

7



Slide

Password Carve-up

‣Discloses partial information

‣Reduces effort of brute-force attack

‣Not elegant

‣Need all pieces like a broken plate

8



Slide

Random Offsets

‣Disclose a password doesn't help attacker

‣Magnitude of passwords is good

‣More elegant

‣Still need all pieces

9



Slide

Exclusive Or (XOR)

‣Disclose a password doesn't help attacker

‣Magnitude of passwords is good

‣More elegant

‣Still need all pieces

10



Slide

Shamir's Algorithm

‣Using a bit of math

‣Not too complicated

‣Matches all requirements

‣Doesn't need all sub-keys to decrypt

‣Threshold cryptosystem

11



Slide

Back to school‣Draw a graph

‣Transform password into coordinate (e.g. 25,20)

‣Now draw a line through this point

‣How would you do it?

12



Slide

Some examples

‣ Infinite possibilities

‣Correct way: you need 2 points

13



Slide

Equation of straight line‣Y = mX + C

‣M is gradient (slope) of line

‣C is intercept of y-axis

‣Our Secret S = C

14



Slide

More solutions

‣Any two point on the line describe the line and determine the interception of y-axis (our S)

15



Slide

Simplest solution

‣Any number of point we desire

‣Distribute hundreds of coordinates

‣ Individually, each coordinate is useless, because infinite number of solutions

‣Any two points together describe solution

‣Awesome!

16



Slide

Order-2‣From linear to quadratic ‣Straight lines are order-1 polynomials ‣Quadratic equations are order-2

‣e.g. y = Ax2 + Bx + C ‣Unlimited solution with only 2 points

17



Slide

Order-2 example

18

‣Any number of point we desire

‣Distribute hundreds of coordinates

‣ Individually, each coordinate is useless, because infinite number of solutions

‣Any three points together describe solution

‣Awesome! Again!



Slide

x-order

19



Slide

Advance feature support‣Not a broken-plate type problem

‣No need of all passwords

‣Non-complete combination no value to attacker

‣Easy to generate new sub passwords, no need to re-issue others

‣ In case of compromised passwords: keep uncompromised coords and generate new curve

‣President: just needs more coordinates than others (e.g. 3) and SoD gets 2, others 1

20



Slide

Demohttps://github.com/teqneers/shamir

21


https://github.com/teqneers/shamir


Slide

Links

‣https://github.com/teqneers/shamir

‣http://en.wikipedia.org/wiki/Secret_sharing

‣http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing

‣http://www.cs.cornell.edu/Courses/cs513/2000SP/SecretSharing.html

‣http://groups.csail.mit.edu/cis/crypto/classes/6.857/papers/secret-shamir.pdf

22


https://github.com/teqneers/shamir

http://en.wikipedia.org/wiki/Secret_sharing

http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing

http://www.cs.cornell.edu/Courses/cs513/2000SP/SecretSharing.html

http://groups.csail.mit.edu/cis/crypto/classes/6.857/papers/secret-shamir.pdf

sharing secrets with php

Technology