71655a5168
This reverts commit f39f86c541.
It turns out that, in a release binary, the difference between the
two is only 4.7M vs 4.0M. Although the compile time of getopts is
a lot shorter than clap's, clap still gives us more flexibility
and less work, so I decide to keep working with clap anyway.
References #1.
secret-share-{split,combine}
This tool allows for securely splitting and recombining secrets using a secure implementaion of the Shamir secret sharing scheme. It is a wrapper around my SSS library.
Usage
You need Rust to build sss-cli from source. When you have installed Rust,
you can install these tools using Cargo:
# Install sss-cli
cargo install --git https://github.com/dsprenkels/sss-cli
# Make 3 shares with recombination threshold 2
echo -n "Tyler Durden isn't real." | secret-share-split -n 3 -t 2 >shares.txt
# Take the first 2 shares and combine them
head -n 2 shares.txt | secret-share-combine
To uninstall the crate you can use a command similar to the install-command above.
# Uninstall the secret sharing tools
cargo uninstall shamirsecretsharing-cli
F.A.Q.
Why are the shares so much longer than the secrets?
This Shamir secret sharing library could produce shares that are shorter than
their current length. However, while Shamir secret sharing is secure for
confidentiality, this is not the case for integrity. An attacker could tamper
with some of the shares After restoring the (malicious) secret, you would not
be able to know that it has been tampered with. sss-cli uses an AEAD wrapper
so that the shares cannot be tampered with, which takes up some extra space.