This is a tool that is designed to take a secret key or password and allow you to give “half” of the password to someone and “half” to someone else — without reducing the “search space” or entropy if one of those people gives up the secret to an attacker.
Let’s imagine that you want to make sure that your brother and your sister are able to open your vault if your upcoming skydiving trip doesn’t go so well. Your vault is locked with a four-digit code: 5703.
Now imagine you tell your sister your code starts with 57 and your brother that it ends with 03. The idea is, they have to work together to open your vault, right? Is that actually true?
A random robber trying to unlock your vault has to try up to 10,000 combinations to get in, from 0000 through 0001, 0002, and 0003 all the way up to 9999. (However, a smart robber would start by checking 1234 in case you’re an idiot, and 0604 because your birthday is June 4th, or 6/04.)
Imagine that a determined thief decides he doesn’t want to try 10,000 guesses while waiting for the cops to show up. This robber threatens your brother and forces him to give up the information that your code ends in 03. The robber has half the code and now only has to try combinations like XX03. This is much easier! He won’t have to try more than 100 guesses, now, from 0003, 0103, 0203, up to 9903. He was able to reduce his “search space” by 99%, because only 1 out of every 100 possible vault codes end in 03.
Now imagine that instead of giving your sister 57 and your brother 03, you gave them the codes 4263 and 1540, and instructions like this:
Dearest siblings,
If you ever need to open my vault, you will need to combine your codes. To do this, go digit-by-digit. Add your first digit to their first digit. If the result is 10 or greater, just throw away the leading
1and keep the last digit. For example, if your first digits are9and8, summing to17, then your result will just be7. Keep this as the first digit in my safe code. Do this operation 3 more times, so that you have added each of your own digits to each of their digits, and dropped any leading ones. You will have a four-digit code as a result, and this will open my vault!
If your siblings need to open your vault, they can combine the partial keys 4263 and 1540 like this:
| First digit | Second digit | Third digit | Fourth digit | |
| Sister’s partial code | 4 | 2 | 6 | 3 |
|---|---|---|---|---|
| Brother’s partial code | 1 | 5 | 4 | 0 |
| Summed | 5 | 7 | 10 | 3 |
| Result | 5 | 7 | 0 | 3 |
And there we have it! Your original vault key.
If we imagine our determined-robber scenario again, and that he again threatens just your brother for the code, the amazing thing is that it has no use for the attacker. Just knowing her partial key is not helpful, since he can’t guess any single digit at all without your sister’s code!
In cryptography (the study of secret codes) this relates to the idea of a one-time pad, and it is considered the most unbreakable kind of code there is. Essentially, it is a formula that says [Complete randomness] + [Secret message] = [Unbreakable encrypted message]. Or, going in reverse: [Unbreakable encrypted message] - [The same complete randomness] = [Original secret message].
Keysplit aims to automate and generalize the concept of the one-time-pad as used to distribute keys to two parties without shrinking the “search space” if one key is compromised. It’s not just useful for 4-digit PINs, but really any sort of code or key of any length.
So: Enter your secret into Keysplit, and we will create a cryptographically secure one-time-pad and an encrypted message, both of the same length as your original input. You can give each to a different person (like your sister and brother), and they can combine them back on Keysplit to retreive your original secret. (We won’t make them do any math!)