Why Drycat ?
Drycat allows to share a secret between multiple people. Each people will get one part of the secret, but in order to recover the full secret it's need to combine multiple parts (defined by threshold).
The secret by itself can be some piece of text, or in case of a file, it's an encryption key
You can generate more parts than threshold limit and thus give more power to specific people.
When you select a file (so en cryption key), you can mark some parts as mandatory. In this case all mandatory parts are required to get the full secret.
Nevertheless, you still need to reach the threshold in order to combine the full secret.
How to use it
Text
Divide secret
| 1. Choose threshold an number of parts to generate | 
|
| 2. Enter secret |  |
| 3. Click on "Split Secret" |  |
| 4. Select one part or a group of parts |  |
| 5. Click on "Generate URL/QRCode" |  |
| 6. Transmit all information to recipient |
Combine secret
| 1. Enter all parts (IN ORDER) manually OR by scanning QRCode OR by clicking on generated link |  |
| 2. Click on "Compute Secret" |  |
File
Divide secret
| 1. Select threshold and number of parts to generate | |
| 2. Click on "Select a file" and select a file |  |
| 3. Click on "Random Secret" |  |
| 4. Optional: Choose manadatory parts |  |
| Click on "Encrypt" |  |
| 5. Optional: Click on "Upload File" |  |
| 6. Select one part or a group of parts | |
| 7. Click on "Generate URL/QRCode" | |
| 8. Transmit all information to recipient |
Combine secret
| 1. Click on generated link OR scan QRCode for initialization | |
| 2. If the file is on server, it will be automatically downloaded | |
| 2. In other case, click on "Select" and select a file | |
| 3. Enter all parts (IN ORDER) manually OR by scanning QRCode OR by clicking on generated link | |
| 4. Optional: Choose manadatory parts | |
| 5. Click on "Decrypt file" |  |
NB : Only encrypted files can be uploaded on server.
Thus, the server will never contains clear files and can't retrieve them in any case.
Thus, the server will never contains clear files and can't retrieve them in any case.
Theory
Mathematical theory is based on Adi Shamir's secret sharing.
Main idea is to generate a polynom with order k-1 (k-1 is threshold). Each part of the secret is a pair (i,f(i)) (i > 1), so a point on a curve.
With polynomial interpolation (according we know at least k points, you can compute the point at order 0 which is the secret.
Drycat is based on a javascript library developped by Amper5hand with a live demo on passguardian.com
All files are encrypted using AES256-CBC. You can decrypt them with OpenSSL :
openssl enc -aes-256-cbc -d -in <FILE.ENC> -K <SECRET> -iv <UUID> -out <FILE>
GPG
GPG stands for GNU Privacy Guard. It's an assymetric key ciphering system that implement OpenPGP standard. It's mainly used to encrypt mails. In Drycat, it's used to store secret in order to update an already uploaded file.
In preferences, user can import its own GPG key or generate a new key pair.
Generate a pair of keys is a feature for ease, but it's strongly recommended to import your own GPG public key (not private).
gpg --export --armor address@mail.com
GPG keys are protected by a user defined password.
If GPG public key is available, secret could be stored on server (but it's optional).
If GPG private key is available, secret will be automatically decoded once loaded.
To decrypt secret from your computer :
gpg --decrypt --armor secret.txt