Splintering gives passwords the security of a cryptographic key
3 points by SaltNHash 5 years ago | 2 comments- 5 years ago
- wahern 5 years agoTL;DR: Users are unable to maintain private keys securely and conveniently, so instead you use a k-of-n secret sharing scheme to split your private key across multiples nodes. To execute a blockchain transaction you request those nodes to send you the shares so you can reconstruct the private key. How do you authenticate yourself to the nodes? With a password[1].... ¯\_(ツ)_/¯
[1] Presumably one at least as strong as the private key you couldn't securely and conveniently store.
- SaltNHash 5 years agoFunny! That was exactly how our first design conversation went! A year after and lots of tests and experiments to validate we came up with Splintering - a method that encrypts a 'human-grade' password (aka 'much weaker than a private key') and shards it across multiple nodes so the complexity and difficulty of breaking it increases to levels corresponding to a cryptographic key. Splintering is an added-security extension to a fully decentralized authentication scheme. For details on how exactly, you're welcome to dive into the paper or at a glance the flow diagram on our git, where we’ve also published our open source code. https://github.com/tide-foundation/Tide-h4x-for-Privacy
- SaltNHash 5 years ago