If you are using cryptocurrencies or care about securing passphrases, you probably thought about data recovery at some point, such as mnemonic phrases or hard drive backups. However, there is another method for backing up important keys or passphrases that provides several upsides for the user and can even be initiated with minimal user interaction. In this article, we will introduce this method called Social Key Recovery, brought to you by Portunus.
What is Portunus Social Key Recovery?
Portunus Social Key Recovery is not only useful for those adept with cryptocurrencies. It also provides a way for backing up passphrases, secrets and even documents. So what exactly is Social Key Recovery and how does it work?
Portunus’ Social key recovery describes the process of backing up keys (or data) in the context of one’s social cycle which usually consists of family and friends. Therefore, a key or passphrasecan be split up with the Shamir Secret Sharing Scheme (SSSS) . The key pieces (also called fragments) which are the result from the SSSS can then be distributed to the close circle of family/friends/contacts. In case the user loses his key, he can now restore it with the previously distributed fragments.
It is always better to illustrate such a definition with a fictional example and don’t worry about some terminologies, those will be explained in the subsequent sections:
Let’s assume Jane has a secret which secures something of value (cryptocurrencies would be a good use case here). She worries about losing this secret and as a consequence, losing access to her assets. Now she might be inclined to back up her secret with people she trusts. Hence, she uses Portunus, an app for Social Key Recovery,which splits her secret into five parts and distributes those to people she is close to. Furthermore, she specifies that three of the five parts are necessary to recompute her secret. One day Jane loses her phone and with it her secret. At this point, she can contact three of the five people who earlier received a part of her secret. With the help of these people, she can restore her secret. Jane then regains access to her assets,
Of course, this is a simplified version of the underlying functionalities and now you might say: “Hold on you want to tell me that my password can be restored by my friends, so they could collude to steal all my cryptocurrencies or sensitive passwords?” Glad you asked because this non-negligible possibility is a real threat and therefore it is necessary to discuss several security-related issues and attack vectors in a subsequent section.
Shamir Secret Sharing Scheme
We mentioned the SSSS algorithm in the previous section and now it’s time to explain the functionality on a high level.
Our algorithm takes a key k and splits it into several fragments. However, the amount of fragments is flexible. E.g., we could split the key into two or more fragments. Next, we need to define a threshold value for recovering the initial key. This threshold value needs to be smaller than the total amount of pieces.
To illustrate the functionality, we can again use a fictitious example: A company that digitally signs documents with a single master key. However, due to security concerns, the key is only on a single computer. Thus, the SSSS makes it convenient for the company to back up the key without introducing a single point of failure. As such, the key is split and each executive receives one piece of the key. The company has 10 executives and its policy requires 7 executives to successfully restore the key. Conclusively, the key is split into 10 pieces and the threshold value is 7. In case of a hardware failure of the computer with the master key, 7 out of 10 executives could restore the key. Furthermore, the order of the keys does not matter as every combination of 7 out of 10 keys would suffice to restore the master key.
Portunus, using SSSS provides a flexible algorithm for choosing the total number of fragments and the threshold value, as such it can provide unique security properties for situations with different security demands.
Unparalleled security for self custody
As mentioned before, the SSSS introduces a powerful mechanism to restore keys without introducing a single point of failure.
For this, we will refer to our initial example of Jane. But now we get more specific: Jane holds one Bitcoin and wants to use the social recovery app to back up her private key. In this context, it is enough to understand that the private key is like a password that enables anyone to spend this one Bitcoin. Her friends Bob, Carol and Dan are already using the app. After installing the app, she splits the key and selects her friends to share the pieces of her key. As a result, she splits the key into three pieces and sets the threshold value to two. Meaning that any two of her friends can recover her private key. Now let’s examine the security properties of this setup. We assume that Jane’s friends are technically knowledgeable and capable of extracting the fragment from their internal phone storage, as the fragments should not be directly accessible in the app. Then it would suffice for two friends to collude and thus steal the Bitcoin of Jane because they are capable of reconstructing the private key from the fragments. This security setup might not be sufficient to hold large monetary value as the communication necessary to reconstruct the key is minimal. Meaning, e.g., Bob and Carol can secretly collude without the knowledge of Jane. However, we can improve the security properties, if we increase the number of pieces and the threshold value. As such we might distribute a total of 5 pieces to 5 members of Jane’s family/friends and require 3 of them to reconstruct the private key. Many potential scenarios could be adapted to different security requirements. If I only hold little value in my cryptocurrency wallet (an application that manages cryptocurrencies and hides the technical complexities of spending and receiving them), I might be comfortable with the initial setup and if I lose my wallet I can easily restore my private key with only two friends. However, maybe I demand higher security standards and as such, I can distribute pieces to more people with a higher threshold value.
Another important step in the Portunus’ app is that the initial private key is encrypted before splitting it up. In this case, an adversary would not only need to collect enough pieces, but it is also necessary to gain knowledge about the password that decrypts the private key. Contrary to the initial consideration this setup could introduce a single point of failure, as the password requires a backup through the user. If she forgets to create or loses the password, she will be unable to recover her key. For this reason, Portunus can also be used to safely store and recover passwords with it.
Portunus has already developed a working beta version. Should you wish to get in touch or know more, please visit our website at www.portunus.ai.
We are constantly looking for people who add value and who is interested in helping build a safer world.