

Preview release of duse – Distributed Secrets - flowerpot

Duse is an API driven system to securely share secrets. It can be used to share secrets such as passwords or SSH Keys among participants. During the whole process, the API is never able to tell anything about the secret. Right now there is only a CLI written in ruby to use consume the API, more to come.<p>Essentially what it does is, it encrypts the secret with AES256 with a random key. Then the key is split into shares with Shamir&#x27;s Secret Sharing and each part is encrypted with the participating users public keys always containing a special server user. All of these cipher texts are then stored in the API. When a user wants to read a secret, the server&#x27;s share is decrypted and encrypted with the requesting users public key. Once the user receives the encrypted shares, she can simply decrypt the symmetric key with her private key and decrypt the secret.<p>I am excited to release the first preview of duse. It has been developed as part of a paper I had to do at university, which will also be published, however, it must be graded before I can publish it. It contains descriptions of possible attacks and how to prevent them or at least minimize risks.<p>I am not a cryptography expert, so I would be glad to dicuss my implementation with more knowledgable people.<p>My goal is to release the first production ready version later this year, but wanted to start spreading the word and possibly find contributers :)<p>http:&#x2F;&#x2F;duse.io&#x2F;<p>https:&#x2F;&#x2F;github.com&#x2F;duse-io
======
Spitfire777
Looks great, I'll try it out.

~~~
flowerpot
Thanks, we want all the feedback we can get! :)

