Paper 2025/348

Juicebox Protocol: Distributed Storage and Recovery of Secrets Using Simple PIN Authentication

Nora Trapp, Juicebox Systems, Inc.
Diego Ongaro, Juicebox Systems, Inc.
Abstract

Existing secret management techniques demand users memorize complex passwords, store convoluted recovery phrases, or place their trust in a specific service or hardware provider. We have designed a novel protocol that combines existing cryptographic techniques to eliminate these complications and reduce user complexity to recalling a short PIN. Our protocol specifically focuses on a distributed approach to secret storage that leverages Oblivious Pseudorandom Functions (OPRFs) and a Secret-Sharing Scheme (SSS) combined with self-destructing secrets to minimize the trust placed in any singular server. Additionally, our approach allows for servers distributed across organizations, eliminating the need to trust a singular service operator. We have built an open-source implementation of the client and server sides of this new protocol, the latter of which has variants for running on commodity hardware and secure hardware.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Juicebox Protocol, Distributed Storage, Key Recovery, Distributed Trust
Contact author(s)
nora @ trappdesign net
History
2025-02-25: approved
2025-02-25: received
Short URL
https://ia.cr/2025/348
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/348,
      author = {Nora Trapp and Diego Ongaro},
      title = {Juicebox Protocol: Distributed Storage and Recovery of Secrets Using Simple {PIN} Authentication},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/348},
      year = {2025},
      url = {https://eprint.iacr.org/2025/348}
}