Distributed Personal Password Repository using Secret Sharing

Abstract

Secret sharing based systems can provide both data secrecy and recoverability
simultaneously. This is achieved by a special cryptographical splitting of the data, where the
parts, called shares, are distributed among a group of entities. A classical solution would
be to first encrypt the data (confidentiality), then to copy and store the result for backup
(recoverability). However, by using a secret sharing system, the complete data can be
recovered even when only a sufficiently sized subset of shares can be supplied, while any
smaller subset of shares does not leak any information about the original data (perfect
secrecy). For instance, the shares can be distributed across several distinct cloud providers,
thus enabling a secure and recoverable storage. Following this idea, we design and
propose a novel application for secure and recoverable management of personal passwords
by distributing secret shares to cloud storage entities. We have made an experimental
smartphone implementation that validates the expediency of the design. The Android
application implementation distributes the shares to three cloud providers (Dropbox, Google
Drive and Microsoft OneDrive). We note that several mobile password managers exist,
but they mostly use the classical solution of encrypted data for storage.
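
The threshold and perfect-secrecy properties described above, as an added illustration that is not the paper's or the application's code. It assumes Shamir's polynomial scheme over a prime field with a 2-of-3 threshold, neither of which the abstract specifies; `slope_explaining` is a hypothetical helper showing why a single share is consistent with every candidate password.

```python
import secrets

# Assumptions (not from the paper): Shamir's scheme over GF(P), threshold k=2 of n=3.
P = 2**521 - 1  # Mersenne prime; holds passwords up to 64 bytes
PROVIDERS = ("Dropbox", "Google Drive", "Microsoft OneDrive")

def poly_eval(coeffs, x):
    """Evaluate the polynomial at x with Horner's rule, mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def encode(password):
    # Leading 0x01 marker keeps the byte length recoverable after integer conversion.
    value = int.from_bytes(b"\x01" + password.encode("utf-8"), "big")
    if value >= P:
        raise ValueError("password too long for this field")
    return value

def decode(value):
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    return raw[1:].decode("utf-8")

def split(password, k=2, providers=PROVIDERS):
    """Return {provider: (x, y)}; any k shares recover the password."""
    coeffs = [encode(password)] + [secrets.randbelow(P) for _ in range(k - 1)]
    return {name: (x, poly_eval(coeffs, x)) for x, name in enumerate(providers, 1)}

def recover(shares):
    """Lagrange interpolation at x = 0 over the supplied (x, y) shares."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return decode(secret)

def slope_explaining(share, candidate_password):
    """For k=2: a line through (0, candidate) and a single share always
    exists, so one share is consistent with every possible password."""
    x, y = share
    return (y - encode(candidate_password)) * pow(x, -1, P) % P
```

With the default threshold, losing access to any one of the three providers still allows recovery, while a single provider's share fits every candidate password equally well.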

Author Biography

Stig Frode Mjølsnes, NTNU

Professor at Dep. Information Security and Communication Technology, NTNU

Published
2018-10-05