Distributed Personal Password Repository using Secret Sharing
Journal article, Peer reviewed
Original version: Norsk Informasjonssikkerhetskonferanse (NISK). 2018, 11 (1).
Secret sharing based systems can provide both data secrecy and recoverability simultaneously. This is achieved by a special cryptographic splitting of the data, where the parts, called shares, are distributed among a group of entities. A classical solution would be to first encrypt the data (confidentiality), then to copy and store the result for backup (recoverability). However, by using a secret sharing system, the complete data can be recovered even when only a sufficiently sized subset of shares can be supplied, while any smaller subset of shares does not leak any information about the original data (perfect secrecy). For instance, the shares can be distributed across several distinct cloud providers, thus enabling secure and recoverable storage. Following this idea, we design and propose a novel application for secure and recoverable management of personal passwords by distributing secret shares to cloud storage entities. We have made an experimental smartphone implementation that validates the expediency of the design. The Android application implementation distributes the shares to three cloud providers (Dropbox, Google Drive and Microsoft OneDrive). We note that several mobile password managers exist, but they mostly use the classical solution of encrypted data for storage.