Tools to make secret sharing easier.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

2.6 KiB

Gfsecret - Secret sharing tools

Gfsecret is a set of tools to facilitate secret sharing according to the Adi Shamir’s secret sharing scheme.


The gfsec-use program allows to temporarily reconstruct a splitted file from shares that have been dispersed on several external devices (USB sticks and/or MTP-compliant devices like some smartphones or audio players).

The program needs a configuration file (by default, $XDG_CONFIG_HOME/gfsecret/default.conf) which describes the shared secret. Here is a sample configuration:


With such a configuration, gfse-use will attempt to reconstruct the file /home/alice/mysecret, using at least two of the three available shares: one available on the local filesystem, one on a USB storage device with the label MYSTICK, and one on a MTP-compliant device with the serial number RF2GB6X704P. Gfsec-use will automatically detect which devices are currently connected and will fetch from them the corresponding shares.

Once the secret file has been reconstructed (if enough shares are available), gfsec-use will spawn a new shell (or any other program specified on its command line). When the shell (or the user-specified command) terminates, the reconstructed secret file will be automatically deleted.


Gfsecret depends on the following libraries at compile-time:

  • libgfshare, which implements the secret sharing scheme proper (mandatory);
  • libgcrypt, for the SHA-256 implementation (mandatory);
  • GIO, to access shares stored on external volumes (typically USB storage) (optional);
  • libmtp, to access shares stored on MTP-compliant devices (optional).


Gfsecret is distributed under the terms of the GNU General Public License, version 3 or higher. The full license is included in the COPYING file of the source distribution.

Homepage and contact

The project is located at The latest source code is available in a Git repository at git:// and may also be browsed at;a=summary.

The author may be contacted at the following address: Damien Goutte-Gattat