misc/ssss: Added (Shamir's Secret Sharing Scheme)

Signed-off-by: Niels Horn <niels.horn@slackbuilds.org>

1 files changed, 177 insertions, 0 deletions

diff --git a/misc/ssss/ssss.1.html b/misc/ssss/ssss.1.html
new file mode 100644
index 0000000000..cbcee6ee6f
--- /dev/null
+++ b/misc/ssss/ssss.1.html
@@ -0,0 +1,177 @@
+<body text="#000000" link="#0000ff" bgcolor="#ffffff"><center><table width="80%">
+<tr><td><h1>ssss</h1>
+<h2>Split and Combine Secrets using Shamir's Secret Sharing Scheme.</h2>
+
+
+<h2>Synopsis</h2>
+<b>
+      ssss-split -t <em>threshold</em> -n <em>shares</em> [-w <em>token</em>] 
+         [-s <em>level</em>] [-x] [-q] [-Q] [-D] [-v]<br>
+
+      ssss-combine -t <em>threshold</em> [-x] [-q] [-Q] [-D] [-v]<br>
+
+</b>
+
+
+<h2>Description</h2>
+
+<p>ssss is an implementation of Shamir's Secret Sharing Scheme. The
+program suite does both: the generation of shares for a known secret,
+and the reconstruction of a secret using user-provided shares.</p>
+
+
+
+<h2>Commands</h2>
+
+      <p><b>ssss-split</b>: prompt the user for a secret and generate a set of
+      corresponding shares.</p>
+      
+      <p><b>ssss-combine</b>: read in a set of shares and reconstruct
+      the secret.</p>
+
+
+
+<h2>Options</h2>
+
+
+      
+<p><b>-t <em>threshold</em></b></p> 
+<p>Specify the number of
+      shares necessary to reconstruct the secret.</p>
+    
+
+
+      
+<p><b>-n <em>shares</em></b></p>
+
+      <p>Specify the number of shares to be generated.</p>
+
+      
+      
+      <p><b>-w <em>token</em></b></p>
+
+      <p>Text token to name shares in order to avoid confusion in case one
+      utilizes secret sharing to protect several independent secrets. The
+      generated shares are prefixed by these tokens.</p>
+
+      
+      
+      <p><b>-s <em>level</em></b></p>
+
+      <p>Enforce the scheme's security level (in bits). This option
+      implies an upper bound for the length of the shared secret
+      (shorter secrets are padded). Only multiples of 8 in the range
+      from 8 to 1024 are allowed. If this option is ommitted (or the
+      value given is 0) the security level is chosen automatically
+      depending on the secret's length.  The security level directly
+      determines the length of the shares.</p>
+
+      
+
+      <p><b>-x</b></p>
+
+      <p>Hex mode: use hexadecimal digits in place of ASCII characters for
+      I/O. This is useful if one wants to protect binary data, like
+      block cipher keys.</p>
+
+      
+
+      <p><b>-q</b></p>
+
+      <p>Quiet mode: disable all unnecessary output. Useful in scripts.
+      </p>
+
+      
+      <p><b>-Q</b></p>
+
+      <p>Extra quiet mode: like <b>-q</b>, but also suppress
+warnings.</p>
+
+      
+
+      <p><b>-D</b></p>
+
+      <p>Disable the diffusion layer added in version 0.2. This option
+      is needed when shares are combined that where generated with
+      ssss version 0.1.</p>
+
+      
+
+      <p><b>-v</b></p>
+
+      <p>Print version information.</p>
+
+      
+
+
+<h2>Example</h2>
+
+<p>
+        In case you want to protect your login password with a set of ten
+        shares in such a way that any three of them can reconstruct the
+        password, you simply run the command
+</p>
+
+<p>
+          ssss-split -t 3 -n 10 -w passwd
+</p>
+
+<p>
+        To reconstruct the password pass three of the generated shares
+        (in any order) to
+</p>
+
+<p>
+          ssss-combine -t 3
+</p>
+
+
+
+<h2>Notes</h2>
+
+<p>
+To protect a secret larger than 1024 bits a hybrid technique has to be
+applied: encrypt the secret with a block cipher and apply secret
+sharing to just the key. Among others openssl and gpg can do the
+encryption part:
+</p>
+<p>
+openssl bf -e &lt; file.plain &gt; file.encrypted
+</p>
+<p>
+gpg -c &lt; file.plain &gt; file.encrypted
+</p>
+
+
+
+
+<h2>Security</h2>
+
+<p>
+<b>ssss</b> tries to lock its virtual address space into RAM for
+privacy reasons. But this may fail for two reasons: either the current uid
+doesn't permit page locking, or the RLIMIT_MEMLOCK is set too
+low. After printing a warning message <b>ssss</b> will run even without
+obtaining the desired mlock.
+</p>
+
+
+
+
+<h2>Author</h2>
+
+        This software (v0.5) was written in 2006 by B. Poettering
+        (ssss AT point-at-infinity.org). Find the newest version of
+        ssss on the project's homepage: <a href = "http://point-at-infinity.org/ssss/">http://point-at-infinity.org/ssss/</a>.
+
+
+
+<h2>Further reading</h2>
+
+        <a href = "http://en.wikipedia.org/wiki/Secret_sharing">http://en.wikipedia.org/wiki/Secret_sharing</a>
+
+
+
+
+</td></tr></table></center>
+</body>