Cryptographic security rules ?

iancoleman / shamir

Shamir Secret Sharing Scheme in single page which can be used offline.

https://iancoleman.io/shamir/

MIT License

214 stars 68 forks source link

Cryptographic security rules ? #3

Open prodnet opened 5 years ago

prodnet commented 5 years ago

Hello,

Your Shamir secret sharing code around meet the cryptographic security rules ? Some details like : integrity checks and side-channel resistance

Recommandations :

Be side channel resistant (timing, branch, cache) Secure the shared secret with a MAC *Use the platform (OS) randomness source

**These slip-ups can often fully compromise the security of the scheme.

prodnet commented 5 years ago

Please let me know ! Thanks.

iancoleman commented 5 years ago

This tool uses the library https://github.com/amper5and/secrets.js

That library has been improved by https://github.com/grempe/secrets.js so I will look into upgrading it here.

side channels - no explicit work done on this, any suggestions?
no MAC but it can be done as a second step using another tool
uses secure randomness and alerts the user if not available (see secrets.js:L103)

prodnet commented 5 years ago

Thank you for you reply.

Why this secure shared secret with a MAC, could not be implement directly in this source code?

It would be great if you could inspire you and implement in javascript, other sharing schemes as in this project:

https://github.com/Qbicz/multi-secret-sharing Implemented and ready-to-use multi secrets sharing schemes are:

Roy-Adhikari
Lin-Yeh
Herranz-Ruiz-Saez.

prodnet commented 5 years ago

And this : https://github.com/brndnmtthws/seed-otp

prodnet commented 5 years ago

This is Trezor Implementation: https://github.com/trezor/python-shamir-mnemonic/

iancoleman commented 5 years ago

Feel free to use those tools instead. I wrote this one as a way to use https://github.com/amper5and/secrets.js since there was no demo app for it. I think you're looking for something different to this tool. If you have specific suggestions or pull requests that'd be great.

I like SLIP-0039 and have recommended it as the preferred alternative to my other secret sharing project for mnemonics called shamir39.

prodnet commented 5 years ago

Where can I find an implementation of "SLIP-0039" without dependencies (python), as a simple "standalone.html" file, like yours? If it does not exist, can you do this conversion? Thanks.

iancoleman commented 5 years ago

I don't know of any web-based implementations of slip-0039. Would be a good project.