Tools to make secret sharing easier.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

2.6 KiB

Gfsecret - Secret sharing tools

Gfsecret is a set of tools to facilitate secret sharing according to the Adi Shamir’s secret sharing scheme.

gfsec-use

The gfsec-use program allows to temporarily reconstruct a splitted file from shares that have been dispersed on several external devices (USB sticks and/or MTP-compliant devices like some smartphones or audio players).

The program needs a configuration file (by default, $XDG_CONFIG_HOME/gfsecret/default.conf) which describes the shared secret. Here is a sample configuration:

OUTFILE=/home/alice/mysecret
MINSHARES=2
URI=file:///home/alice/.local/share/gfsecret/mysecret.024
URI=label://MYSTICK/mysecretfile.070
URI=mtp://RF2GB6X704P/Documents/mysecret.139

With such a configuration, gfse-use will attempt to reconstruct the file /home/alice/mysecret, using at least two of the three available shares: one available on the local filesystem, one on a USB storage device with the label MYSTICK, and one on a MTP-compliant device with the serial number RF2GB6X704P. Gfsec-use will automatically detect which devices are currently connected and will fetch from them the corresponding shares.

Once the secret file has been reconstructed (if enough shares are available), gfsec-use will spawn a new shell (or any other program specified on its command line). When the shell (or the user-specified command) terminates, the reconstructed secret file will be automatically deleted.

Install

Gfsecret depends on the following libraries at compile-time:

  • libgfshare, which implements the secret sharing scheme proper (mandatory);
  • libgcrypt, for the SHA-256 implementation (mandatory);
  • GIO, to access shares stored on external volumes (typically USB storage) (optional);
  • libmtp, to access shares stored on MTP-compliant devices (optional).

Copying

Gfsecret is distributed under the terms of the GNU General Public License, version 3 or higher. The full license is included in the COPYING file of the source distribution.

Homepage and contact

The project is located at http://www.incenp.org/dvlpt/gfsecret.html. The latest source code is available in a Git repository at git://git.incenp.org/gfsecret.git and may also be browsed at http://www.incenp.org/gitweb/?p=gfsecret.git;a=summary.

The author may be contacted at the following address: Damien Goutte-Gattat dgouttegattat@incenp.org