History: Shared Secrets

Source of version: 28

! Shamir's Shared Secrets and Team Password Management via Trackers
This feature, introduced in ((Tiki22)), lets you encrypt passwords or any other sensitive information with an encryption key. The encrypted values are stored in ((Trackers)), and the key itself is protected with [https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing|Shamir's Secret Sharing]. This improves on plain shared-secret (symmetric) encryption because no single stored copy of the key has to be guarded: a share cannot decrypt the data by itself. Even an attacker who reads the whole Tiki database obtains only the share kept there, which reveals nothing about the key without a second share, and a user holding only their own share cannot decrypt anything without the share stored in the Tiki database. Tiki uses https://github.com/teqneers/shamir for the share arithmetic.

!! Overview
Imagine a door lock that only opens when several keys are turned at the same time: if the secret key is cut into 5 pieces that are handed to different users, and the threshold is 3, any 3 of those users together can reconstruct the secret, while 2 or fewer learn nothing about it. Tiki applies this idea with a threshold of 2:
* encrypt the password or other sensitive information with an encryption key
* run that key through the Shamir algorithm with number of shares = number of people to share it with + 1 and a threshold of 2
* store one of the shares in the Tiki database
* distribute the remaining shares, one each, to the people who need access to the sensitive information
* whenever one of them comes back, they supply their share and Tiki combines it with the share stored in its database; since the threshold is 2, those two shares reconstruct the key and decrypt the sensitive information
* the share stored in the database is useless on its own, and so is any single user share; note that the threshold counts shares, not where they are kept, so two share-holders who pool their shares can also reconstruct the key without the database share
* This goes beyond the ((User Encryption)) feature.

!! How it works
!!! Requirement
Start by activating ((User Encryption)), which requires the Sodium PHP extension; without that extension the preference cannot be enabled. It is found under __''"System Menu" > "Security" > "General Security" tab > "User encryption"''__ (~np~https://example.org/tiki-admin.php?page=security#content_admin1-1~/np~).
The path depends on the Tiki version: from version 23 use __''"Settings" > "Control panel" > "Advanced" > "Security" > "General Security" tab > "User encryption"''__.

{img src="display1750" link="display1750" width="400" rel="box[g]" imalign="center" desc="Click to expand" alt="Shamir secure enabling user encryption" align="center" styleimage="border"}

!!! Create encryption key
Once "User encryption" is active, create the key under __''"System Menu" > "Security" > "Encryption" tab > "Create key" tab''__; in version 23 the path is __''"Settings" > "Control panel" > "Advanced" > "Security" > "General Security" tab > "Encryption"''__ (~np~https://example.org/tiki-admin.php?page=security#contentencryption-2~/np~).
{img src="display1758" link="display1758" width="400" rel="box[g]" imalign="center" alt="Shamir secure creating encryption key" desc="Click to expand" align="center" styleimage="border"}

!!! Generated keys
After the key is created, one share is generated for each selected user, and Tiki keeps a further share in its database. Any one of these user shares, together with the stored share, reconstructs the key and can therefore encrypt and decrypt data.
{img src="display1751" link="display1751" width="400" rel="box[g]" imalign="center" alt="Shamir secure creating encryption key" desc="Click to expand" align="center" styleimage="border"}

!!! Encrypted keys list
You give the key a name and a description and select the users to share it with. All encryption keys added are listed here: (~np~https://example.org/tiki-admin.php?page=security#contentencryption-1~/np~)
When changing an encryption key, enabling the option __''"Regenerate shares"''__ creates a new set of secret shares with the configured number of shares. The old shares stop working, so the new shares must be distributed to the team members again. Data encrypted with the existing key stays intact and the new shares decrypt it, because the data is encrypted with the key, not with the shares; no data is lost as long as the current shares are kept safe. Use this option to increase or decrease the number of people holding shares for this key. If User Encryption is turned on, newly generated shares are saved automatically to the relevant user accounts.
Note that regenerating shares does not change the encryption key itself: it revokes shares, not the key. Anyone who has already reconstructed the key (rather than merely holding a share) keeps it, so data protected by a key that may have leaked has to be re-encrypted under a new key.
{img src="display1752" link="display1752" width="400" rel="box[g]" imalign="center" alt="Shamir secure creating key" desc="Click to expand" align="center" styleimage="border"}
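The share arithmetic behind the overview above and behind the "Regenerate shares" option, as an added example. This is not Tiki's code and not the teqneers/shamir library that Tiki uses; it is a from-scratch implementation with its own assumptions: arithmetic in the prime field modulo 2^521 - 1, a 32-byte key, and a share written as index-hexvalue. The names split_key, recover_key, create_team_key, regenerate_shares, forge_second_share and try_recover are this example's own, not Tiki's.

```python
"""Threshold-2 team key custody in the style of Tiki's shared-secret feature.

Added example, not Tiki's code and not the teqneers/shamir library: the
field, the share format ("index-hexvalue") and the function names are this
example's own assumptions.
"""
import secrets

P = (1 << 521) - 1   # Mersenne prime 2^521 - 1; every 32-byte key is below it
KEY_BYTES = 32


def _eval_poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + coeffs[2]*x^2 + ... modulo P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def _parse(share):
    """Share string "index-hexvalue" -> (index, value)."""
    x, y = share.split("-", 1)
    return int(x), int(y, 16)


def split_key(key, shares, threshold):
    """Split `key` into `shares` shares; any `threshold` of them recover it.

    Share i is the point (i, f(i)) on a fresh random polynomial f of degree
    threshold-1 whose constant term f(0) is the key.
    """
    secret = int.from_bytes(key, "big")
    if not (secret < P and 2 <= threshold <= shares):
        raise ValueError("bad parameters")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    return [f"{i}-{_eval_poly(coeffs, i):x}" for i in range(1, shares + 1)]


def recover_key(shares):
    """Lagrange interpolation at x = 0 over the given shares."""
    points = [_parse(s) for s in shares]
    if len({x for x, _ in points}) != len(points):
        raise ValueError("Given keys are incompatible: repeated share index")
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, P - 2, P)) % P
    # Shares taken from two different share sets interpolate to an unrelated
    # field element, which almost surely does not fit in KEY_BYTES bytes.
    # (In the rare case it does, the authenticated ciphertext would still
    # reject the wrong key.)
    if secret >> (8 * KEY_BYTES):
        raise ValueError("Given keys are incompatible: shares from different sets")
    return secret.to_bytes(KEY_BYTES, "big")


def create_team_key(people):
    """Tiki-style set-up: people + 1 shares, threshold 2.

    Returns (key, db_share, user_shares): db_share is what Tiki keeps in its
    database, each user_share is handed to one team member.
    """
    key = secrets.token_bytes(KEY_BYTES)
    db_share, *user_shares = split_key(key, people + 1, 2)
    return key, db_share, user_shares


def regenerate_shares(key, people):
    """'Regenerate shares': same key, fresh polynomial, so the old shares
    no longer combine with the new database share."""
    db_share, *user_shares = split_key(key, people + 1, 2)
    return db_share, user_shares


def forge_second_share(db_share, candidate_key, index=2):
    """Why the database share alone leaks nothing: for ANY candidate key
    there is a second share that, paired with db_share, recovers exactly
    that candidate.  Returns the point at `index` on the line through
    (0, candidate) and the database point."""
    x1, y1 = _parse(db_share)
    s = int.from_bytes(candidate_key, "big")
    slope = (y1 - s) * pow(x1, P - 2, P) % P
    return f"{index}-{(s + slope * index) % P:x}"


def try_recover(shares):
    """recover_key, but returns None instead of raising on incompatible shares."""
    try:
        return recover_key(shares)
    except ValueError:
        return None


if __name__ == "__main__":
    key, db_share, users = create_team_key(3)
    assert recover_key([db_share, users[1]]) == key
    assert recover_key([users[0], users[2]]) == key      # two holders, no DB
    new_db, _ = regenerate_shares(key, 3)
    assert try_recover([new_db, users[0]]) != key        # old share now useless
    forged = forge_second_share(db_share, b"\x42" * KEY_BYTES)
    assert recover_key([db_share, forged]) == b"\x42" * KEY_BYTES
    print("ok")
```

The script shows four things the prose states: any single user share plus the database share recovers the key; two user shares also recover it without the database, since the threshold counts shares rather than their location; after regeneration an old user share paired with the new database share is rejected as incompatible while the key itself is unchanged; and forge_second_share demonstrates that the database share on its own is consistent with every possible key, which is why a database dump alone does not help an attacker.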

!!! Add encryption option to field
You need a Tracker to take advantage of this feature.
Set the "Encryption key" parameter of the field you want to protect: it is found under __''"Advanced Options" > the "Advanced" tab > the "Encryption key" field''__, where you select the key.
{img src="display1753" link="display1753" width="400" rel="box[g]" imalign="center" alt="Shamir secure adding encryption option" desc="Click to expand" align="center" styleimage="border"}

!!! Create Tracker item
When creating the item, the message "Field data is encrypted using key", followed by the name of the key used, appears below the field, as in the image below:
{img src="display1754" link="display1754" width="400" rel="box[g]" imalign="center" alt="Shamir secure creating tracker item" desc="Click to expand" align="center" styleimage="border"}

!!! Using keys
To read the encrypted information, paste one of the generated shares; Tiki combines it with the share stored in its database and decrypts the field.
{img src="display1757" link="display1757" width="400" rel="box[g]" imalign="center" alt="Shamir secure using key" desc="Click to expand" align="center" styleimage="border"}

If, when using a share, you see the message __''"Given keys are incompatible"''__, the share you entered does not belong to the same share set as the one stored in Tiki's database (for example a share generated for a different key, or one from before the shares were regenerated). The message __''"Given keys vary in key length"''__ points to the same kind of mismatch, typically a share that was truncated or altered while being copied.

!!! Notes
* Users with whom the key has been shared see the decrypted field data directly, whatever group they belong to, as here for the user "admin": they do not need to enter their share, because with User Encryption on it was saved to their account when the key was created. Remember that the key was also shared with two other users, "user 1" and "user 2", at creation.
{img src="display1755" link="display1755" width="400" rel="box[g]" imalign="center" alt="Shamir secure item view" desc="Click to expand" align="center" styleimage="border"}
* Tracker permissions must still be changed to allow non-admin users to access the tracker itself.
* Other users, with whom the key has not been shared, see the field hidden and must enter a share to read its data.
{img src="display1756" link="display1756" width="400" rel="box[g]" imalign="center" alt="Shamir secure user do not have access" desc="Click to expand" align="center" styleimage="border"}


~tc~ (alias(Shamir's Shared Secrets and Team Password Management via Trackers)) ~/tc~
~tc~ (alias(Shared Secret)) ~/tc~
        
