sharing secrets with php
TRANSCRIPT
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Password
‣Everything online or sensitive has a password
‣Usually known by single person
‣Person gone = password gone
‣Equivalent to a door's lock
2
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Multi people examples
‣NSA access to mobile devices
‣Four-eyes principle for admins
‣Joint bank account of a company
‣Lawyer needs six family member to open a will
‣Nuclear missile launch system
‣and many more
3
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Advances examples
‣Bank account: access by any 2 of 4 people
‣Nuclear missile: hierarchy of passwords (president counts 3 votes, SoD counts 2, ...)
‣Will: family member die before you, don't want to de-/encrypt will again and send out passwords
‣Will: new family member without redistributing passwords to all again
‣Four-eyes principle: admins can do some operation only with another admin
4
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Characteristic of multi PW solution
‣Exposure of 1 sub password doesn't expose any more hints to attacker
‣All sub passwords required to obtain solution
‣Knowledge of all-but-one no better than knowing none
‣Sub passwords have same magnitude in length than master password
5
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Characteristic of multi PW solution
‣Generate new passwords, because one got exposed, without re-issuing the others
‣Keep sub passwords despite additions/deletions
‣Generate new viable sub password without re-issue
6
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Password Carve-up
‣Discloses partial information
‣Reduces effort of brute-force attack
‣Not elegant
‣Need all pieces like a broken plate
8
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Random Offsets
‣Disclose a password doesn't help attacker
‣Magnitude of passwords is good
‣More elegant
‣Still need all pieces
9
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Exclusive Or (XOR)
‣Disclose a password doesn't help attacker
‣Magnitude of passwords is good
‣More elegant
‣Still need all pieces
10
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Shamir's Algorithm
‣Using a bit of math
‣Not too complicated
‣Matches all requirements
‣Doesn't need all sub-keys to decrypt
‣Threshold cryptosystem
11
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Back to school‣Draw a graph
‣Transform password into coordinate (e.g. 25,20)
‣Now draw a line through this point
‣How would you do it?
12
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Some examples
‣ Infinite possibilities
‣Correct way: you need 2 points
13
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Equation of straight line‣Y = mX + C
‣M is gradient (slope) of line
‣C is intercept of y-axis
‣Our Secret S = C
14
TEQneers GmbH & Co. KG www.teqneers.de
Slide
More solutions
‣Any two point on the line describe the line and determine the interception of y-axis (our S)
15
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Simplest solution
‣Any number of point we desire
‣Distribute hundreds of coordinates
‣ Individually, each coordinate is useless, because infinite number of solutions
‣Any two points together describe solution
‣Awesome!
16
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Order-2‣From linear to quadratic ‣Straight lines are order-1 polynomials ‣Quadratic equations are order-2
‣e.g. y = Ax2 + Bx + C ‣Unlimited solution with only 2 points
17
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Order-2 example
18
‣Any number of point we desire
‣Distribute hundreds of coordinates
‣ Individually, each coordinate is useless, because infinite number of solutions
‣Any three points together describe solution
‣Awesome! Again!
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Advance feature support‣Not a broken-plate type problem
‣No need of all passwords
‣Non-complete combination no value to attacker
‣Easy to generate new sub passwords, no need to re-issue others
‣ In case of compromised passwords: keep uncompromised coords and generate new curve
‣President: just needs more coordinates than others (e.g. 3) and SoD gets 2, others 1
20
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Demohttps://github.com/teqneers/shamir
21
TEQneers GmbH & Co. KG www.teqneers.de
Slide
Links
‣https://github.com/teqneers/shamir
‣http://en.wikipedia.org/wiki/Secret_sharing
‣http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing
‣http://www.cs.cornell.edu/Courses/cs513/2000SP/SecretSharing.html
‣http://groups.csail.mit.edu/cis/crypto/classes/6.857/papers/secret-shamir.pdf
22