Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Shamir’s Secret Sharing #229

Open
radumarias opened this issue Nov 11, 2024 · 3 comments
Open

Shamir’s Secret Sharing #229

radumarias opened this issue Nov 11, 2024 · 3 comments
Labels
security

Comments

@radumarias
Copy link
Member

radumarias commented Nov 11, 2024
edited
Loading

Using Shamir's secret sharing, build a group encrypted folder with a minimum number of members available to access the files. This is good for shared folders where you want to increase security so that if one part of the key is compromised, it doesn't compromise the whole key, hence all the data.

Ref

The disadvantage is that each user can reconstruct the whole key and decrypt anything. See a solution that addresses this.

Structure notes

  • Create a dedicated crate for this that uses rencfs (the core) as a lib. You can create attractions and common minimalistic generic functionality in the core but keep the core more generic
@radumarias radumarias changed the title Decentralized encryption Group/Decentralized encryption Nov 11, 2024
@radumarias radumarias changed the title Group/Decentralized encryption Threshold/Decentralized key/encryption Nov 11, 2024
@radumarias
Copy link
Member Author

radumarias commented Nov 12, 2024
edited
Loading

  • the alternative is the public key, because the single point of failure is that we need to reconstruct the key on one node
  • also use zero sharing
  • we could have each user have a key, and each chunk is encrypted with a different key, and on decrypt, we ask each user to decrypt sending content via TLS

@MarcIlunga
Copy link

I just wanted to add clarifications: The recommendation above is to avoid zero-sharing issues, both upon share construction and key reconstruction. See our writeup for more info on the issue.

@radumarias
Copy link
Member Author

@MarcIlunga thank you, will investigate that

@radumarias radumarias mentioned this issue Dec 8, 2024
Open
1 task
@radumarias radumarias moved this to Todo in rencfs Dec 9, 2024
@radumarias radumarias changed the title Threshold/Decentralized key/encryption Shamir’s Secret Sharing Dec 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@radumarias @MarcIlunga