Secret Sharing with QR Codes

About

This is a simple tool for sharing secrets safely with multiple people.

What is this?

• Shamir's Secret Sharing is a method for splitting a secret, like a password, into pieces.
• Imagine a secret is a puzzle, and you give each trusted person a piece. Only when a certain number of these pieces are put together, the secret is revealed. This ensures that no single person can access the secret alone.
• This tool allows you to split a secret into pieces, and then encode each piece as a QR code. You can then print these QR codes and distribute them to your trusted people. When you need to access the secret, you can scan the QR codes and the secret will be revealed.

Why?

There are scenarios where having only 1 key to decrypt a message is not sufficient and at the same time splitting the keys in half might pose risk of loosing such a key.

For example, you want to encrypt a message and give the decryption key to your family members. You want to make sure that if one of them loses the key, the message is still accessible. But you don't want to have to collect all the keys every time you want to decrypt the message and at the same time you don't want to have to trust any single person with the key.

How safe is it?

• The secret is encrypted using AES with a random key.
• The key is then split using Shamir's Secret Sharing into multiple pieces. It has Information-theoretic security
• The QR codes contain the whole encrypted message, only enough keys are required
• Nothing is stored on the server! This app runs locally and no webserver is logging the keys (hashtag part of url)

Licence on code

The code is licenced under MIT licence. You can find the code on GitHub.

Use-Cases

Here are some examples of how this tool can be used.

Last Will

Imagine you have a secret that you want to share with your family, but only after you die. You can split the secret into 3 pieces, and give each piece to a different family member. When you die, your family can scan the QR codes and reveal the secret.

BitCoin wallet for board members

In a larger company you can ensure that certain high value information (e.g. key to unlock the company's BTC wallet) is accessed only when majority of board members aggree.

Failover decryption

You can create multiple decryption keys and allow redundancy in case one of the keys gets lost

Nuclear Missile Launch Codes

Obviously since it is safe enough you can have 2 people confirmation while launching nuclear strike.

Encrypt

In order to safely split your secret into multiple parts, follow these steps.

1. Enter your secret message you wish to encrypt.

2. Enter how you want to split it

I want to split the secret into keys and require minimum of keys to decrypt the message.

If you have more keys it will still unlock, however with less the information will be lost.

3. Generate the parts of the key

Generate

4. Distribute the keys

The keys are generated randomly and are not stored on the server. Transfer them safely using e2e encryption. From here on onwards their ways should be separate.

Decrypt

To decrypt the message you have 2 ways.

Scan the QR codes

Use your mobile phone on available codes and after all are scanned tap decrypt.

Every time you scan a code it this page opens and stores the code in your browser. Once you have enough codes scanned (threshold) you can press decrypt to get the message.

Manual input

1. Enter the encrypted message

2. Enter key shares one by one and hit load key

Load Key

Number of loaded keys : 0

Reset Decrypt