> On 20 Dec 2020, at 09:19, Alexander Kriegisch <alexan...@kriegisch.name> > wrote: > > The original PGP used to have this feature around 20 years ago already, > maybe some people remember. In the list archive I found two threads, > both several years old, asking about this feature in GnuPG, but there > were no conclusive answers, only workaround suggestions like to split > the binary or ASCII key file or print the password and share parts of > the passwords, neither of which satisfy the original requirements > covered by the original PGP functionality. Example: > > I split a private key file with PGP into these shares: > -- User A gets a piece of key worth 2 shares. > -- User B gets a piece of key worth 2 shares. > -- User C gets a piece of key worth 1 share. > -- User D gets a piece of key worth 1 share. > -- User E gets a piece of key worth 1 share. > -- User F gets a piece of key worth 1 share. > > I define that at least 5 shares are necessary to re-assemble a valid > decryption key, i.e. we need for example > -- A + B + one other user > -- C + D + E + either A or B > for decryption. >
You’re referring to Shamir’s secret sharing scheme, for which several implementations exist. If you are using Linux, it should be as simple as installing the “ssss” package. A _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
