
You can now make horcruxes out of your confidential files - jesseduffield
https://github.com/jesseduffield/horcrux
======
red0point
This is unsafe and should not be used.

This is simply splitting the key in multiple pieces, thus for every piece you
have, you gain additional information about the key, allowing for
exponentially easier brute-forcing of the remaining key.

Example: Assume someone creates 3 horcruxes and you can get your hands on 2 of
them. This gives you 85 bits of the full 128 bit key, thus you only need to
brute force 43 bits for the rest. Of course you don't have the full data
anyways, but you still learn about 2/3 of it.

A better tool is ssss which uses Shamir's Secret Sharing. [http://point-at-
infinity.org/ssss/](http://point-at-infinity.org/ssss/)

~~~
jesseduffield
Originally I was using n separate keys, however switched to splitting the key
based on advice from a redditor. I'll switch back to n keys and see if it
slows things down much.

I'll also have a look into ssss, thanks :)

------
private_vault
Instead of splitting the key into substrings or using Reed-Solomon codes I’d
recommend something like Adi Shamir’s secret sharing scheme.

Using something like that allows you to say “split into seven shards but only
require three to reconstitute”, and possessing less than the minimum number of
shards yields no new information.

~~~
nyolfen
[https://darkcrystal.pw/](https://darkcrystal.pw/)

------
Stammon
Wouldn't the concept of dragonballs be a better fit than horcruxes?

~~~
gowld
Dragon Ball crowd is older than the Horcrux crowd.

------
jesseduffield
Hello all! Based on the feedback I've received in the last day I've made some
improvements:

I'm now making use of Samir's Secret Sharing Scheme meaning you can now
specify a threshold of horcruxes required to resurrect the original file
(hopefully putting me in better standing among the HP crowd)

If your threshold equals the total number of horcruxes, I'll divide the
content evenly between each horcrux to reduce file size. Otherwise each
horcrux will contain the same encrypted content

As I've mentioned in another comment I no longer load files into memory so the
program runs pretty fast

Thanks for the valuable feedback everyone!

------
GauntletWizard
This is a great idea, though I don't think it will be useful practically until
it includes reed-solomon encoding support for both files and keys, so that you
can lose a portion of your data and still be safe.

~~~
todotask
Is your idea of reed-solomon encoding store in a multiple device?

~~~
jacobr1
I think the idea is that you should be able to reconstruct the data fully from
any X of Y configured shards of the data (and keys). You can do this with
multi-signature keys and reed-solomon codes for the data. There may be some
smart way to combine the two that exists. Anybody know of an algorithm that
would accomplish this? I vaguely remember reading a paper using Goppa codes
that worked likes this, but google-fu is failing this morning.

~~~
red0point
Just use regular Reed-Solomon for the data and Shamir's Secret Sharing for the
key (an implementation is for example [http://point-at-
infinity.org/ssss/](http://point-at-infinity.org/ssss/)).

If you choose the same parameters for both algorithms, you can freely assign
any key with any data shard and store those.

------
sidpatil
Similar idea with (very) similar name:
[https://github.com/kndyry/horcrux](https://github.com/kndyry/horcrux)

------
STEMdude
reminds me of [http://www.hjsplit.org/](http://www.hjsplit.org/)

------
rolltiide
that's not a real word, keep using it if you would like it to be

~~~
wrink
Horcrux refers to the Harry Potter series, it is a piece of a soul that has
been split apart from the rest and hidden for safe-keeping

I thought it was a cute reference

