DEV Community

Cover image for Shamir's Secret Sharing Scheme in JavaScript
Simon Massey
Simon Massey

Posted on • Updated on

Shamir's Secret Sharing Scheme in JavaScript

Passwords are kryptonite to security so they need to be strong and never reused. Developers agree with that last sentence then don't give their users a way to safely back up a strong password. We should offer users the ability to recover a strong password using Shamir's Secret Sharing Scheme. Users can then confidently use a unique strong password knowing they will not become locked out.

What exactly is Shamir's Secret Sharing Scheme? It is a form of secret splitting where we distribute a password as a group of shares. The original password can be reconstructed only when a sufficient threshold of shares are recombined together. Here is example code showing how this works using the shamir library:

const { split, join } = require('shamir');
const { randomBytes } = require('crypto');

// the total number of shares
const PARTS = 5;
// the minimum required to recover
const QUORUM = 3;
// you can use any polyfill to covert between string and Uint8Array
const utf8Encoder = new TextEncoder();
const utf8Decoder = new TextDecoder();

function doIt() {
    const secret = 'hello there';
    const secretBytes = utf8Encoder.encode(secret);
    // parts is a object whos keys are the part number and 
    // values are shares of type Uint8Array
    const parts = split(randomBytes, PARTS, QUORUM, secretBytes);
    // we only need QUORUM parts to recover the secret
    // to prove this we will delete two parts
    delete parts[2];
    delete parts[3];
    // we can join three parts to recover the original Unit8Array
    const recovered = join(parts);
    // prints 'hello there'
    console.log(utf8Decoder.decode(recovered));
}
Enter fullscreen mode Exit fullscreen mode

Cryptocurrency wallets use Shamir's Secret Sharing to enable users to back up their passphrases. This solves the problem that if someone dies the bitcoins can be passed to friends and family. How might you use this approach to protect a bitcoin passphrase that is worth a cool ten million dollars? You could generate five shares and set a threshold of three. You can then send two shares to two trusted friends, write down two shares on paper then store them in separate secure locations, and give the final share to your lawyer. It would then be very hard for someone else to obtain three shares to steal your bitcoins. Your last will and testament document can state how to recover the bitcoins if you die.

Isn't it time your app enforced a strong password and also gave people the choice of using Shamir's Secret Sharing Scheme to back it up?

Top comments (2)

Collapse
 
dansilcox profile image
Dan Silcox

This is really cool, like digital horcruxes!

Collapse
 
simbo1905 profile image
Simon Massey

Yes, it's really super cool. The shares are randomised which is why the crypto randomBytes function is needed. If someone tries to recombine less than the threshold number of shares no errors occurs it is just a random result. The maths behind it are really interesting and not as hard as most cryptography. There are some good free videos showing how things work and explaining the two key methods used.