Skip to content
This repository has been archived by the owner on Aug 31, 2023. It is now read-only.
/ horcrux Public archive

A security question based secret sharing utility.

License

MIT license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lukasmalkmus/horcrux

BranchesTags

Repository files navigation

lukasmalkmus/horcrux

A security question based secret sharing utility.

Go Workflow Coverage Status Go Report Go Reference Latest Release License

Table of Contents

  1. Introduction
  2. Usage
  3. Contributing
  4. License

Introduction

horcrux is a security question based secret sharing utility. The idea and package code is inspired and mostly taken from the abandoned horcrux package by Coda Hale.

horcrux splits a secret into multiple fragments and associates every fragment with a security question. The answer to that question is used to encrypt the fragment using ChaCha20Poly1305. Only a given number of fragments is needed to fully restore the original secret.

Installation

Download and install the pre-compiled binary manually

Binary releases are available on GitHub Releases.

Install using Homebrew

brew tap lukasmalkmus/tap
brew install horcrux

To update:

brew upgrade horcrux

Install using go get

go get -u github.com/lukasmalkmus/horcrux/cmd/horcrux

Install from source

git clone https://github.com/lukasmalkmus/horcrux.git
cd horcrux
make install # Build and install binary into $GOPATH

Run the Docker image

Docker images are available on the GitHub Container Registry.

docker pull ghcr.io/lukasmalkmus/horcrux
docker run ghcr.io/lukasmalkmus/horcrux

Validate installation

In all cases the installation can be validated by running horcrux -v in the terminal:

horcrux version 1.0.0

Usage

horcrux [flags] [commands]

Help on flags and commands:

horcrux --help

Performance

As of today, the implementation isn't suitable for large files. Shamir's Secret Sharing algorithm is very computation intesive and takes most of the time. Below are some benchmarks (MacBook Pro, 2,8 GHz Quad-Core i7, 16 GB):

name          time/op
Split64KB-8    364ms ± 6%
Split1MB-8     476ms ± 1%
Split128MB-8   18.4s ± 1%
Split1GB-8      160s ± 8%

name          alloc/op
Split64KB-8    135MB ± 0%
Split1MB-8     145MB ± 0%
Split128MB-8  1.48GB ± 0%
Split1GB-8    10.9GB ± 0%

name          allocs/op
Split64KB-8    65.6k ± 0%
Split1MB-8     1.05M ± 0%
Split128MB-8    134M ± 0%
Split1GB-8     1.07G ± 0%

Splitting a 1GB file takes up to 3 minutes. Also the memory consumption is a lot higher than the size of the file which is being processed. An io.Reader based implementation is needed to fix this but this requires multiple tweaks, especially to Shamir's Secret Sharing implementation.

Contributing

Feel free to submit PRs or to fill issues. Every kind of help is appreciated.

Before committing, make should run without any issues.

License

© Lukas Malkmus, 2021

Distributed under MIT License (The MIT License).

See LICENSE for more information.

License Status

About

A security question based secret sharing utility.

Topics

encryption chacha20 shamir-secret-sharing shamir-s-secret-sharing-scheme chacha20poly1305 horcrux

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases 2

Horcrux v0.2.0 Latest
Aug 8, 2021
+ 1 release

Packages

 
 
 

Languages