Author

Topic: Secret-sharing scheme that can be “audited” without auditing code? (Read 158 times)

legendary
Activity: 2534
Merit: 6080
Self-proclaimed Genius
However, I want to allow users of my app (who may not be coders...) to double-check--without having to audit my code--that my implementation of SSS is not flawed.
Auditing an app accurately without looking at the code is impossible,
all the user can do it so look for suspicious activity beyond the app's functions, and that can't be done by newbies either.

If that is indeed the case, which other reliable public (deterministic) solution/algorithm could my app use to:
Since you're looking for a reputable tool that uses SSS, check iancoleman's:
GitHub: https://github.com/iancoleman/shamir
Online:  https://iancoleman.io/shamir/

That can double as a verify-er as well.
legendary
Activity: 3472
Merit: 10611
However, I want to allow users of my app (who may not be coders...) to double-check--without having to audit my code--that my implementation of SSS is not flawed.

a user who doesn't understand the code can not do that. even a programmer can not do that. only a cryptography expert can audit such things to verify if the implementation is not flawed.

the only thing you can do is find test vectors and reduce the risk of having bugs. i haven't really looked into the algorithm but SLIP-39[1] has a bunch of test vectors [2] that you could start with.
additionally after splitting the "secret" into multiple parts, there should be an option to combine those parts and get the "secret" again as a sanity check.

ps. SSS in my opinion should not be used instead of encryption.

[1] https://github.com/satoshilabs/slips/blob/master/slip-0039.md
[2] https://github.com/trezor/python-shamir-mnemonic/blob/master/vectors.json
newbie
Activity: 8
Merit: 1
I am designing an app that allows (among other things...) users to divide a secret into 2 shards and was planning to use Shamir Secret Sharing (SSS) to do so.

However, I want to allow users of my app (who may not be coders...) to double-check--without having to audit my code--that my implementation of SSS is not flawed.

In other words, using another implementation of SSS available elsewhere (e.g. on the web, GitHub...), users of my app should ideally be able to obtain the same 2 shards as the ones provided by my app.

I understand that, considering the random data used in SSS to compute the shards, this request may not even make sense at all since it may simply be impossible by design (since SSS is not deterministic...)...

If that is indeed the case, which other reliable public (deterministic) solution/algorithm could my app use to:
a) separate a secret into 2 shards,
b) allow anyone to recompute these 2 shards outside of my app.

Thanks a lot for your kind support!
Jump to: