CESS — Cryptologically Enchanted Shamir's Secret, an open standard.
Posted by erilaz123@reddit | linux | 11 comments
CESS was created to fix these issues:
GnuPG provides strong encryption and signing, but it does not support modern AEAD and Shamir's secret.
Autocrypt focuses on opportunistic mail encryption; threshold splitting of long-term secrets with PIN-wrapped shares is not supported.
SLIP-0039 standardises mnemonic encoding of Shamir shares, but it does not support encrypted shares.
Shamir's secret sharing has been around since 1979.
CESS is an open cryptographic standard for threshold secret sharing. It also supports mixing of cryptographic ciphers.
One can, as an example, do:
BrainpoolP384r1 + Twofish-256-CTR + Poly1305.
That profile has the internal suite id 0x0004. So recipients of coded messages, streams, emails etc. can automatically recognize the correct profile to use; the profile ID is encrypted with Brainpool. 56 different profiles are available.
The standard is available at:
https://github.com/Supermagnum/CESS
maqbeq@reddit
Shamir! You're breaking the car!
DHermit@reddit
Don't ever roll your own crypto without being an expert, especially not with AI.
erilaz123@reddit (OP)
https://github.com/rust-lang/cargo/issues/16850
erilaz123@reddit (OP)
That would be enormously stupid and unsafe!
NenupharNoir@reddit
AI written bullshit. This isn't transparent. Good job, you've already lost trust.
Leaving the .cursors directory out of your .gitignore made this easy to detect, but ultimately the overwhelming .md files with zero attribution to anyone is the icing on the cake.
Other than that 20 commits all at the end of March, zero stars, and worried over such things as "post-quantum hybrid key exchange" and exclusion of NSA/NIST algorithms.
Here's the .cursors/rules/cess-style.mdc for anyone who is interested:
erilaz123@reddit (OP)
Since you clearly are an expert on what's AI bullshit and not, can you please explain what this is, where it is from and what it is used for?
"key": "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", "iv": "070000004041424344454647", "aad": "50515253c0c1c2c3c4c5c6c7", "msg": "4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e", "ct": "d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116", "tag": "1ae10b594f09e26a7e902ecbd0600691", "result": "valid" },
NenupharNoir@reddit
What? 😂 This isn't a showdown to see who can flex their 'tism.
erilaz123@reddit (OP)
It's from one of the JSON files in the standard; it's a Wycheproof test. Running the included tests will reveal if those tests are genuine or not. Any changes to those will cause those to fail; they are constructed that way by Google's Wycheproof team. At least you are right about the autism part 😆
SmoollBrain@reddit
Git should not ignore AI stuff under any circumstances.
mykesx@reddit
Micro$oft owns GitHub and is anally focused on AI. Doubt it would happen, though a good idea.
erilaz123@reddit (OP)
I don't trust NSA curves. And trust is up to the reader.