Comment by dcow
5 years ago
I’m usually pretty wary of heavily opinionated wiki essays. “It’s not often implemented properly” with two examples of how it’s failed while ignoring all the correct deployments seems pretty skewed. The essay even concludes that SSS used in higher order group-share protocols is fine because there’s a “high bar for correctness”. You can probably sum up the entire rant as “don't roll your own crypto” and “use the right tool for the job”.
> “don't roll your own crypto”
All the fault information there is in software people would have gone and downloaded instead of "rolling their own".
It's not like cryptography software is magical gift from the gods, someone wrote it.
And often the people writing SSS software do not do a good job, partially because the properties that SSS by itself provides are not very useful and if they were thinking carefully they wouldn't write it at all.
This argument is not unique to SSS, is the point I think we clearly agree on. Good software is hard. Find a good implementation of SSS or take the time to do it properly. I agree, it’s not magic.