Thursday, August 10, 2017

Secret Splitting Revisited

I wrote about secret splitting some ten years ago and decided to fresh things up and create a new easy-to-use template. You only need a pen, paper and first grade math to obtain absolute security. But first, a quick reminder on what secret splitting is, how it works and why everyone should know this interesting system.

Secret splitting (also called secret sharing) enables you to split a secret code into multiple shares and give those shares in the custody of several persons. Retrieving the original code is only possible if the shareholders agree upon putting their shares together. The secret could be the code to a combination lock, safe deposit box, electronic key or password. You can split passwords to access a computer, encrypted files, a digital lock to enter a building or disable an alarm system.

An interesting property of secret splitting is that more people with shares means more security, because more people have to agree on putting their shares together, which is the opposite of sharing the secret itself, where more people means more risk.

There are many useful applications for secret splitting where you need to delegate access to your secret code in a specific situations. You can appoint several persons that will be able to open your safe with money or critical information in case of emergency. None of them can act alone and a single trustworthy person among them is enough to prevent misuse.

A parent who has stored his money, documents or valuables in a safe deposit box can split the number combination and all children receive a share. In case of emergency or the parent's decease they can only access the safe when all of them agree upon opening the safe. Each shareholder can even split his own share again into two shares, to hide his sub-shares separately as backup or destroy his original share and store his sub-shares at different places to increase security.

You can use secret splitting for secure remote delegation through insecure channels. Create a share for yourself and one or more shares for other persons. This way, you can be on the other side of the world and send your share to all other shareholders to give them access to a computer file or the pin code of a credit card, to name a few. The shareholders can only retrieve the code at the moment that you decide to give them your share and they all need to agree. You can use any insecure method like e-mail, chat or telephone to send your share, because that single share never reveals any useful information to an eavesdropper.

The template to create your own secure shares (download pdf here)

For our template we use the method where all shares are required to retrieve the original. It is mathematically impossible to retrieve the original if a single shareholder refuses to disclose his share. This method is information theoretically secure, read unbreakable.

There is another method, called secret splitting with threshold, which requires less shares than the total number of shares to retrieve the original. It's security is based on mathematical complexity. Unfortunately, this method does not guarantee information theoretical security.

Of course, you cannot simple cut a code or password in half or quarters, as this would reveal at least part of the code and provide clues to find the rest of the code or reduce the number of combinations to try out. The secret splitting we use is based on the principle of one-time pad encryption and all calculations are performed modulo 10 (addition without carry and subtraction without borrowing). The secret code is encrypted with one or more truly random keys and, in contrast to sending the encrypted secret to the receiver, we use the random keys and the encrypted code as shares.

We can only retrieve the original code when the encrypted code and all keys are put together. Take one share out of the equation and it will be mathematically impossible to decrypt the code. The only requirements are the use of truly random digits and, obviously, secure physical separation of the shares. The small number of required truly random digits are easily generated manually.

Secret splitting may sound complicated but it's quite simple to apply. If you can add and subtract, then you can create secure shares, and all it requires is a pen and paper. You can download the new version of the easy-to-use Secure Code Splitter which comes with clear instructions and examples, a blank calculation sheet and share template. More to read about secret splitting at my website.

No comments: