diff options
Diffstat (limited to 'misc/ssss/ssss.1.html')
| -rw-r--r-- | misc/ssss/ssss.1.html | 177 |
1 files changed, 0 insertions, 177 deletions
diff --git a/misc/ssss/ssss.1.html b/misc/ssss/ssss.1.html deleted file mode 100644 index cbcee6ee6fab2..0000000000000 --- a/misc/ssss/ssss.1.html +++ /dev/null @@ -1,177 +0,0 @@ -<body text="#000000" link="#0000ff" bgcolor="#ffffff"><center><table width="80%"> -<tr><td><h1>ssss</h1> -<h2>Split and Combine Secrets using Shamir's Secret Sharing Scheme.</h2> - - -<h2>Synopsis</h2> -<b> - ssss-split -t <em>threshold</em> -n <em>shares</em> [-w <em>token</em>] - [-s <em>level</em>] [-x] [-q] [-Q] [-D] [-v]<br> - - ssss-combine -t <em>threshold</em> [-x] [-q] [-Q] [-D] [-v]<br> - -</b> - - -<h2>Description</h2> - -<p>ssss is an implementation of Shamir's Secret Sharing Scheme. The -program suite does both: the generation of shares for a known secret, -and the reconstruction of a secret using user-provided shares.</p> - - - -<h2>Commands</h2> - - <p><b>ssss-split</b>: prompt the user for a secret and generate a set of - corresponding shares.</p> - - <p><b>ssss-combine</b>: read in a set of shares and reconstruct - the secret.</p> - - - -<h2>Options</h2> - - - -<p><b>-t <em>threshold</em></b></p> -<p>Specify the number of - shares necessary to reconstruct the secret.</p> - - - - -<p><b>-n <em>shares</em></b></p> - - <p>Specify the number of shares to be generated.</p> - - - - <p><b>-w <em>token</em></b></p> - - <p>Text token to name shares in order to avoid confusion in case one - utilizes secret sharing to protect several independent secrets. The - generated shares are prefixed by these tokens.</p> - - - - <p><b>-s <em>level</em></b></p> - - <p>Enforce the scheme's security level (in bits). This option - implies an upper bound for the length of the shared secret - (shorter secrets are padded). Only multiples of 8 in the range - from 8 to 1024 are allowed. If this option is ommitted (or the - value given is 0) the security level is chosen automatically - depending on the secret's length. The security level directly - determines the length of the shares.</p> - - - - <p><b>-x</b></p> - - <p>Hex mode: use hexadecimal digits in place of ASCII characters for - I/O. This is useful if one wants to protect binary data, like - block cipher keys.</p> - - - - <p><b>-q</b></p> - - <p>Quiet mode: disable all unnecessary output. Useful in scripts. - </p> - - - <p><b>-Q</b></p> - - <p>Extra quiet mode: like <b>-q</b>, but also suppress -warnings.</p> - - - - <p><b>-D</b></p> - - <p>Disable the diffusion layer added in version 0.2. This option - is needed when shares are combined that where generated with - ssss version 0.1.</p> - - - - <p><b>-v</b></p> - - <p>Print version information.</p> - - - - -<h2>Example</h2> - -<p> - In case you want to protect your login password with a set of ten - shares in such a way that any three of them can reconstruct the - password, you simply run the command -</p> - -<p> - ssss-split -t 3 -n 10 -w passwd -</p> - -<p> - To reconstruct the password pass three of the generated shares - (in any order) to -</p> - -<p> - ssss-combine -t 3 -</p> - - - -<h2>Notes</h2> - -<p> -To protect a secret larger than 1024 bits a hybrid technique has to be -applied: encrypt the secret with a block cipher and apply secret -sharing to just the key. Among others openssl and gpg can do the -encryption part: -</p> -<p> -openssl bf -e < file.plain > file.encrypted -</p> -<p> -gpg -c < file.plain > file.encrypted -</p> - - - - -<h2>Security</h2> - -<p> -<b>ssss</b> tries to lock its virtual address space into RAM for -privacy reasons. But this may fail for two reasons: either the current uid -doesn't permit page locking, or the RLIMIT_MEMLOCK is set too -low. After printing a warning message <b>ssss</b> will run even without -obtaining the desired mlock. -</p> - - - - -<h2>Author</h2> - - This software (v0.5) was written in 2006 by B. Poettering - (ssss AT point-at-infinity.org). Find the newest version of - ssss on the project's homepage: <a href = "http://point-at-infinity.org/ssss/">http://point-at-infinity.org/ssss/</a>. - - - -<h2>Further reading</h2> - - <a href = "http://en.wikipedia.org/wiki/Secret_sharing">http://en.wikipedia.org/wiki/Secret_sharing</a> - - - - -</td></tr></table></center> -</body> |