paper-secret/README.md

76 lines
1.7 KiB
Markdown
Raw Permalink Normal View History

2022-09-02 11:27:50 +02:00
# Paper-Secret
Shamir Secret Sharing on paper using gfshare.
## Installation
2022-09-02 12:30:46 +02:00
### PyPi
* https://pypi.org/project/paper-secret/
### Dependencies
2022-09-04 21:07:40 +02:00
Required and optional dependencies with example how to install them for Arch Linux.
`gfshare` is required to split (`enpaper`) and merge (`depaper`) the secret.
2022-09-02 11:27:50 +02:00
See `man gfshare` for an explanation of Shamir Secret Sharing in gf(2**8).
```shell
sudo pacman -S --needed libgfshare
```
`qrencode` and `imagemagick` (`convert`) are required to create and merge QR-codes during the split process.
2022-09-04 21:07:40 +02:00
One can pass `-q` to `enpapaer` to skip this step.
2022-09-02 11:27:50 +02:00
```shell
sudo pacman -S --needed qrencode imagemagick
```
2022-09-02 13:27:24 +02:00
`enscript` and `ghostscript` (`ps2pdf`) are required to create a PDF containing the split secret in text form.
2022-09-04 21:07:40 +02:00
One can pass `-t` to `enpaper` to skip this step.
2022-09-02 11:27:50 +02:00
```shell
2022-09-02 13:27:24 +02:00
sudo pacman -S --needed enscript ghostscript
2022-09-02 11:27:50 +02:00
```
## Usage
2022-09-04 21:07:40 +02:00
Create a file with secret content:
2022-09-02 11:27:50 +02:00
```shell
cat > secret.txt
```
Split the secret into 5 lines:
```shell
2022-09-02 13:27:24 +02:00
enpaper secret.txt
2022-09-02 11:27:50 +02:00
```
Manually delete up to 2 of the 5 lines in `secret.txt_txt.txt`.
Then recreate the secret:
```shell
2022-09-02 13:27:24 +02:00
depaper secret.txt.split-text.txt
2022-09-02 11:27:50 +02:00
```
Print the secret:
```shell
cat secret.txt.split-text.txt.merged.txt
```
## Notes
* https://en.wikipedia.org/Shamir's_Secret_Sharing
2022-09-02 14:09:09 +02:00
Manually reconstructing the secret from k strings:
* For each string of the k strings
* Create a file which name begins with `part` and ends with a dot and the first three characters of the string
* For example `part.112`
* Convert the 3rd to last character from base64 to binary and insert it into the file
* Execute `gfcombine part.*`
* The file `part` contains the reconstructed secret