Good day! Small sugestion:

It would be awesome to see smaaaal GUI for more comfortable and easy usage to spllit\join files :)

Just make small scatch what it can looks like...

P.S. I could help with translation to other languages and draw vector logo

Thanks for your work that already had been done!

To guarantee the ability to recreate the original file from the horcruxes in the event that this repo would become lost there should be an option for the tool to return binary horcruxes that when executed run the horcrux program. Think like self extracting zip files in exe format.

So I can execute ./horcrux1 bind horcrux2 horcrux3 and recover the original file.

[maus@lolcat bind]$ tree
.
├── folder
│   ├── split_1_of_3.horcrux
│   ├── split_2_of_3.horcrux
│   └── split_3_of_3.horcrux
└── horcrux

1 directory, 4 files
[maus@lolcat bind]$ ./horcrux bind folder/
2020/07/13 08:49:03 open split_1_of_3.horcrux: no such file or directory

How do I solve this Problem?
Thanks!

Maybe due to the latest release of GoReleaser (v1.20.0), the workflow "ci" is broken.

Or it's a malformed documentation and it's right to use options after split subcommand? I am asking as providing options before subcommand when they are not global is the bad idea: subcommand is like some sort of namespace which allows us access just some options and not all at once not to have a big mess.

If I run horcrux -t 3 -n 5 split diary.txt I get five .horcruxes, and each one contains

# THIS FILE IS A HORCRUX.
# IT IS ONE OF 5 HORCRUXES THAT EACH CONTAIN PART OF AN ORIGINAL FILE.
# THIS IS HORCRUX NUMBER 1.
# IN ORDER TO RESURRECT THIS ORIGINAL FILE YOU MUST FIND THE OTHER 4 HORCRUX(ES) AND THEN BIND THEM USING THE PROGRAM FOUND AT THE FOLLOWING URL
# https://github.com/jesseduffield/horcrux

-- HEADER --
[...]
-- BODY --
[...]

It says I must need this horcrux plus other four to resurrect the original file, while If I delete three horcruxes, ./horcrux bind . returns

You do not have all the required horcruxes. There are 3 required to resurrect the original file. You only have 2

saying that I need at least (only) three horcruxes

Is this a feature? ; )

EDIT: I also noticed a t>n error:

• If I run .horcrux -n 5 split diary.txt and enter t=99 I get the following message. Should the interval be "[2-5]" instead of "(2-99)"?

How many horcruxes should be required to reconstitute the original file? If you require all horcruxes, the resulting files will take up less space, but it will feel less magical (2-99): 99
parts cannot be less than threshold

• If I run .horcrux -t 5 split diary.txt and enter n=3 I get an error. Should the interval be "[5-inf]" instead of "(2-99)"?

How many horcruxes do you want to split this file into? (2-99): 3
parts cannot be less than threshold

Unrelated request, is it possible to add armv7h to the list of pre-released binaries?

None of the examples explain how to get your soul into the computer so you can put it into the horcrux.

It's prefer to set number of files to be split as argument Instead of a question.

-number 33

作者好，请问是否考虑在 release 中也提供适用 darwin arm64 的版本？

我们现在正开发 x-cmd，尝试以 portable 方式提供大量的二进制工具，比如x-cmd pkg | horcrux
在使用 horcrux 的过程中，我们发现 release 中缺少 darwin arm64 版本，一般我们希望以作者作为二进制可信源头，这样可以减少自行编译可能给用户带来的未知问题。

谢谢。

https://github.com/xkortex/passcrux

This town ain't big enough for two Harry-Potter-influenced Hashicorp-SSS-based data-splitting applications written in Golang...

So, wanna join forces?

:)

(Obviously, there's more than enough room in cyberspace, just was quoting the old spaghetti western trope :) )

Would be helpful to have a the standard -v / --version flag, to show version and exit with a zero exit code.

I'd like to customize the horcrux filenames using some format strings.

It does not need to be very flexible. Just some flexibility would be good enough.

The project uses an un-verified secret sharing scheme for the key, which can be sufficient given an appropriate thread model. But it should be detectable if the either the data or the key has been tampered with (of course, replacing them altogether is still possible, but the problem of authenticity is not tackled at all in this project, which again is ok for this project).

However, unauthenticated OFB encryption is used (essentially a stream cipher), which allows for arbitrary bitwise flips of the plaintext and is undetectable by this library.

Countermeasures:

1. Verify that the contents of each threshold file are actually the same
2. Use ChaCha20-Poly1305 as an AEAD scheme, instead of OFB.

It's no issue at the moment, as each key is only used once, but please use a random IV as well.

Could you upload the package to chocolatey? Thanks

Hi mate,
It seems the hashes are different to the ones listed. I'm very new to Github and development.
Can you please upload the current hashes?
Apologies in advance if I haven't understood something about the process.
Cheers

The current implementation of the program appears to copy the encrypted file into each horcrux, which becomes pretty storage intensive with a larger file and more horcruxes.

n is the number of horcruxes, t the number needed to ressurect, s is size of the file, t ≤ n
Reed-solomon encoding can split the original file into n pieces, each piece has a size of s/t. Any combination of t pieces can be used to recreate the original file.

So the total space used by the horcruxes would be n*(s/t) instead of n*s.

This should also ensure the integrity of the data as the reconstruction of the file should fail if a piece is modified.

One of the properties described at https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing is that SSS is "Minimal: The size of each piece does not exceed the size of the original data."
However, looking at the examples, each piece is 2.23 KB, larger than the original 1.75 KB.
Is that discrepancy an indication of a bug somewhere?

I don't know if it was intentional. I checked the commit log and it looks like the changes were functional.

You could also look at implementing Shamir's so that you can create more parts but don't need all of them. Might be a fun project.

Could probably just import this library and use the split method if you want to be lazy about it :P
https://github.com/hashicorp/vault/blob/master/shamir/shamir.go

For users who want to require exactly N of N keys, XOR would be the safest, most performant, most reliable option.

It has indicated go-sssa in the comparison table that is not vulnerable to side channels attack:

https://github.com/dsprenkels/sss/blob/master/README.md#comparison-of-secret-sharing-libraries