• @[email protected]
    cake
    link
    fedilink
    English
    271 year ago

    I’ve always liked this, it has pretty much everything you could want in a personal project: a catchy name and a whimsical idea that is just on the edge of being actually practical.

    • @[email protected]
      link
      fedilink
      English
      121 year ago

      Yeah, there is something oddly mesmerizing about projects that solve an “already-solved-in-a-more-efficient-way” problem in a weird way

  • DeGandalf
    link
    fedilink
    6
    edit-2
    1 year ago

    This basically just means the files themselves become the authentication.

    I don’t see a singe use-case, where you couldn’t just use normal private-key encryption and just save the private key to a file somewhere else. And if you want to distribute it to multiple locations, so that you need all of them, then there are also encryption methods for that.

    • @Whooping_Seal
      link
      21 year ago

      While there is no use case I do think it is quite an interesting project, although my opinion maybe clouded by the cool name given the encryption methodology.

  • Badabinski
    link
    fedilink
    5
    edit-2
    1 year ago

    I always thought this was such a cool concept when I was administrating a Hashicorp Vault server. I made 7 fragments for 7 keyholders, and required that 4 or 5 of them (can’t remember) enter their fragments to unlock the Vault server.

      • DaGeek247
        link
        fedilink
        131 year ago

        From the git repo;

        Q) How does this work?
        A) This uses the Shamir Secret Sharing Scheme to break an encryption key into parts that can be recombined to create the original key, but only requiring a certain threshold to do so. I’ve adapted Hashicorp’s implementation from their vault repo

  • @[email protected]
    link
    fedilink
    English
    41 year ago

    This is cool! This could be a handy way to store important private keys like internal root CA keys in known locations that are distributed across an infrastructure. Oh man, maybe even in a vault file for secrets you don’t need often like break glass credentials and the like. Such a cool and unique idea!

  • Einar
    link
    fedilink
    English
    31 year ago

    I love the way I would keep my stuff safe:

    Now you just need to disperse the horcruxes around the house on various USBs or online locations and hope you can recall where they all are!

  • @[email protected]
    cake
    link
    fedilink
    English
    3
    edit-2
    1 year ago

    that’s super cool, almost zero use case but if you have a super sensitive string (such as a bank or wallet code) I guess it’s a good layer of offline security

  • @[email protected]
    link
    fedilink
    English
    21 year ago

    There is actually one use case for it. I create a yearly backup that i distribute across my friends (mostly via CD-ROMs) which include all my files that i can’t afford to lose, like encryption keys, keepass database, crypto wallets (everything that isn’t encrypted data gets aes-encrypted via gpg and a 512-bit key which is stored in the keepass database). But if say a malicious actor gets access to it by social-engineering they could start brute-forcing the keepass-database (good luck though with my passphrase and 10-rounds of argon2 with 4-threads and 4gig vector size), by splitting it into fragments that vector would be closed.