Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-11-02 Thread Roscoe
Hmm, maybe I lost my meaning in trying to avoid verbosity. If I decided my mum, dad and brother could be trusted, I'd encrypt my private key with a strong password. Then I'd use to generate 3 shares, which when combined would reveal the password to the private key. Now I'd distribute to my

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-11-01 Thread Robert J. Hansen
On Fri, 2007-11-02 at 14:20 +0930, Roscoe wrote: > I don't see any worthwhile gain over setting a strong passphrase, and > then secret sharing that passphrase with . Fewer things can go wrong. Secret shared passphrase + private key: what happens if the private key is unavailable? E.g., I die

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-11-01 Thread Robert J. Hansen
> Why not just pick a strong passphrase and mail a copy to all > your email accounts? You would only need to worry about remembering > the passphrase. Doesn't help if I'm dead. I have some encrypted traffic which my estate will need to read in the event of my death. So I can give my key and pass

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-11-01 Thread Roscoe
I don't see any worthwhile gain over setting a strong passphrase, and then secret sharing that passphrase with . In Robert's example if you were to use +paperkey you'd merely export an encrypted secret key, and then print in the line above it an share. As far as I can see this would p

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-11-01 Thread YYZ
Why not just pick a strong passphrase and mail a copy to all your email accounts? You would only need to worry about remembering the passphrase. One solution is to pick a bunch of friends who regularly use pgp (maybe even the active members from this list), encrypt the text of your passphrase to th

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-11-01 Thread David Shaw
On Wed, Oct 31, 2007 at 07:26:15PM -0500, Robert J. Hansen wrote: > > Does anyone see a good use case (aside from the cool-trick > > factor) to using secret sharing in paperkey? > > Yes. E.g., I may wish to give shares to my best friend and my cousin. > This way, even if their homes and/or office

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-11-01 Thread Robert J. Hansen
> Does anyone see a good use case (aside from the cool-trick > factor) to using secret sharing in paperkey? Yes. E.g., I may wish to give shares to my best friend and my cousin. This way, even if their homes and/or offices are broken into, or one of them misplaces/loses their share, I don't need

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-11-01 Thread Atom Smasher
On Thu, 1 Nov 2007, David Shaw wrote: > Does anyone see a good use case (aside from the cool-trick factor) to > using secret sharing in paperkey? 1) weak passphrase on the key 2) no passphrase on the key #2 may be more useful than it seems, if a key is very rarely used and the

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-11-01 Thread David Shaw
On Wed, Oct 31, 2007 at 04:59:29PM +0930, Roscoe wrote: > Not answering your questions but two handy tools I like :) > > > A while ago we had a big discussion regarding printing out keys for backup, > which (I think) prompted David Shaw to write the following small program to > assist those wanting

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-31 Thread Nicolas Pillot
> [All the above posts] Thanks a lot for your input, everyone. Lots of information! > Paperkey After giving it a look, it seems reasonable to use it. But I'm not confident enough to add another *semi* blackbox tool in my key backup scheme, as I'll depend on its possible future evolutions and inc

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-31 Thread Roscoe
Not answering your questions but two handy tools I like :) A while ago we had a big discussion regarding printing out keys for backup, which (I think) prompted David Shaw to write the following small program to assist those wanting to do so, here's part of the description of that program: "Due to

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Robert J. Hansen
Atom Smasher wrote: > not having a particular aptitude towards higher math Shamir's protocol revolves around being given two points on a grid and drawing a line between them. This is not higher math. This is why it's described as "amazingly simple". > and not being fluent at programming C Nobo

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Sven Radde
Atom Smasher wrote: > 2) AFAIK the shamir secret sharing protocol is great in theory, but there > just aren't any practical ways to use it (read: applications). IIRC it is implemented in PGP. (Maybe in the commercial/corporate versions only, and maybe not that particular protocol but they have

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Atom Smasher
On Sun, 28 Oct 2007, Robert J. Hansen wrote: > At this point it's abundantly clear to me that you've never learned how > Shamir's scheme works. I don't know how to make a case for Shamir's > scheme to someone who doesn't care how it works, only that their > prejudice is that it's bad. > > So f

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Robert J. Hansen
Atom Smasher wrote: > would that be the same PGP(tm) Corporation that, last i checked, made > source code available for review but only licensed the use of pre-compiled > binaries? This would be the PGP Corporation that allows you to download and compile their source code so that you can run you

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Atom Smasher
On Sun, 28 Oct 2007, Robert J. Hansen wrote: > Atom Smasher wrote: >> i wouldn't generally advocate a vernam cipher for encrypting messages, >> but i think it is the best real-world-practical way to do secret >> sharing (at least until someone builds an application that ~uses~ a >> real secret

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Atom Smasher
On Sun, 28 Oct 2007, Robert J. Hansen wrote: > If you are comfortable with the NSA and/or GCHQ wondering why you've got > AES-encrypted data hidden in a JPEG that's floating around the internet, > then go ahead with this. = i wouldn't be any more concerned than i am now, with non-hi

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Robert J. Hansen
Atom Smasher wrote: > i wouldn't generally advocate a vernam cipher for encrypting messages, but > i think it is the best real-world-practical way to do secret sharing (at > least until someone builds an application that ~uses~ a real secret > sharing algorithm). See _The Art of Computer Progra

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Robert J. Hansen
Atom Smasher wrote: > but this has me thinking... why not combine the "hidden in plain sight" > part with the encrypted part using steganography... use a reasonably > strong passphrase ("reasonable" depends on the needs of the end user) for > your secret key, then hide it in a JPG and post it in

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Atom Smasher
On Sun, 28 Oct 2007, Atom Smasher wrote: responding to self... > even with a reasonably strong pass-phrase i wouldn't want to walk around > with my secret key on a flash-drive with my physical keys, but hidden in > a JPG of family/friends/pets it would be easily overlooked if i lost > possessi

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Atom Smasher
On Sun, 28 Oct 2007, Robert J. Hansen wrote: > Ack! Ack! One time pads! Ack! > > I really, really wish the Vernam cipher was either lesser known or > better known. If it was lesser known, fewer people would advise ever > using it. If it was better known, more people would understand its >

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Atom Smasher
On Sun, 28 Oct 2007, Sven Radde wrote: > Atom Smasher wrote: > >> in theory, if you're *really* using a strong pass-phrase, you can >> publish your private key in a public place and rest secure in the >> knowledge that no known technology can break your 100+ character >> pass-phrase... and if

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Robert J. Hansen
Just to head a question off at the pass... Sven Radde wrote: >> Q1: I have the public key (0x26A2F0AE if it's of any use), i know the >> secret key passphrase perfectly. Is there any way i could re-compute / >> restore / whatever the secret part using this information ? > > No. The passphrase is

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Atom Smasher
On Sun, 28 Oct 2007, Nicolas Pillot wrote: > You might call me paranoid, but i just did so to avoid the potential > trouble some people were having on the forum. = seems like reasonable things to do... > I mounted it, read-only, or, well tried to mount it. After a big > *s

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Sven Radde
Atom Smasher wrote: > in theory, if you're *really* using a strong pass-phrase, you can publish > your private key in a public place and rest secure in the knowledge that > no known technology can break your 100+ character pass-phrase... and if a > hard drive or several go up in smoke you can

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Robert J. Hansen
Atom Smasher wrote: > in theory, if you're *really* using a strong pass-phrase, you can > publish your private key in a public place and rest secure in the > knowledge that no known technology can break your 100+ character > pass-phrase... and if a hard drive or several go up in smoke you can > rec

Re: Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-28 Thread Sven Radde
Hi! Nicolas Pillot wrote: > Here comes the Sad-result-of-a-cursed-day : > - i have lost the digital versions of my .gnupg, ascii pub/priv keys > due to a failing usb stick which hadn't been used for 5+ years. > - this means i have lost all my encrypted data (mainly accounting > information, rea

Key safety vs Backup : History of a bad day (key-restoration problem)

2007-10-27 Thread Nicolas Pillot
[ Disclaimer ] This post is at the same time a real-life story, and a request for ideas. I hope the tone of it won't be too boring, and well, if you're impatient, just skip to the end ! (namely [ Enter the questions ]) [ Intro ] Good evening to all of you. This is my first post on this list, so do