
Question

I tested the 'ssss' package in Linux, an implementation of Shamir's secret sharing algorithm. link

The package is easy to use, and I presume that it is a cryptographically valid implementation, though I have not personally verified that. How standardised is this implementation? It appears that the package is quite old, which is probably a good sign. But I am wondering whether a version of Linux (or other OS) in ten or twenty years' time is likely to be able to recover the secret from the shares, or is it advisable to retain a copy of this specific implementation? For example/comparison, I am very confident that some md5 algorithm will still be available for a long time on any PC, and produce identical results to a current implementation.

Explanation / Answer

There is no really "standard" implementation, let alone output format, for such tools. Whatever you use, you'd better keep around its source code so that it may be recompiled or at least ported on the machine you will have twenty years from now.

I note that the code uses GMP, to make computations with big integers -- which means that it uses big integers, which implies that the code does not do things the easy and simple way. This is not, in all generality, a good sign. A good and practical implementation of Shamir's Secret Sharing should:

+ Use the sharing on a byte-by-byte basis.
+ Do computations in the finite field GF(256) (values fit in one byte, there is no bias or other similar issue, porting to any other language is easy).
+ Store shares in files, instead of strings to be typed and/or pasted.
+ Not be limited to 128 characters, which is sloppy. If you do the sharing on a byte-by-byte basis, you can split files of arbitrary length.
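The design the answer recommends, written out as an added example (this is not the ssss code, nor code from the answer's author). Each byte of the secret is shared independently with its own random polynomial over GF(256); Lagrange interpolation at x = 0 recovers it. The reduction polynomial 0x11B (the one AES uses) and the share layout (an index byte plus a byte string of the same length as the secret) are this example's own choices, and the sample secret is constructed:

```python
"""Byte-wise Shamir secret sharing over GF(256) (added example, not ssss)."""
import secrets

# GF(2^8) with reduction polynomial x^8 + x^4 + x^3 + x + 1 (0x11B).
# Assumption: any irreducible degree-8 polynomial would do; 0x11B is the
# AES choice and is used here purely for familiarity.
GF_POLY = 0x11B


def gf_mul(a: int, b: int) -> int:
    """Multiply two field elements: carry-less multiply, reduce mod GF_POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= GF_POLY
        b >>= 1
    return r


def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (a^255 == 1 for every nonzero a)."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(256)")
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r


def _eval_poly(coeffs, x: int) -> int:
    """Evaluate a polynomial (coeffs[0] is the constant term) at x, Horner style."""
    y = 0
    for c in reversed(coeffs):
        y = gf_mul(y, x) ^ c
    return y


def split(secret: bytes, k: int, n: int):
    """Produce n shares (index, data); any k of them reconstruct secret.

    The secret may be of any length: every byte gets its own fresh random
    polynomial of degree k-1 whose constant term is that byte.
    """
    if not 1 <= k <= n <= 255:
        raise ValueError("need 1 <= k <= n <= 255 (x = 0 is reserved for the secret)")
    shares = [(x, bytearray()) for x in range(1, n + 1)]
    for s in secret:
        coeffs = [s] + [secrets.randbelow(256) for _ in range(k - 1)]
        for x, buf in shares:
            buf.append(_eval_poly(coeffs, x))
    return [(x, bytes(buf)) for x, buf in shares]


def combine(shares) -> bytes:
    """Recover the secret from at least k shares by interpolating at x = 0.

    Note: the threshold k is not encoded in a share, so fewer than k shares
    interpolate to garbage rather than raising an error.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    length = len(shares[0][1])
    if any(len(b) != length for _, b in shares):
        raise ValueError("shares differ in length")
    # Lagrange basis at 0: prod_{j != i} x_j / (x_j - x_i); subtraction is XOR.
    basis = []
    for i, xi in enumerate(xs):
        num, den = 1, 1
        for j, xj in enumerate(xs):
            if i != j:
                num = gf_mul(num, xj)
                den = gf_mul(den, xj ^ xi)
        basis.append(gf_mul(num, gf_inv(den)))
    out = bytearray()
    for pos in range(length):
        v = 0
        for (_, buf), b in zip(shares, basis):
            v ^= gf_mul(buf[pos], b)
        out.append(v)
    return bytes(out)


if __name__ == "__main__":
    secret = b"constructed sample secret of arbitrary length"  # constructed
    parts = split(secret, k=3, n=5)
    for x, data in parts:
        print(f"share {x}: {data.hex()}")
    print(combine(parts[1:4]) == secret)
```

Because each share is just an index and a byte string of the secret's length, it can be written to a file as-is, and the whole scheme is a few dozen lines of single-byte arithmetic that port to any language without a bignum library.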