I would suggest Secret Key Splitting (e.g. Shamir's scheme), with an n-out-of-m 
scheme. Add decryption instructions, give everyone you trust and who is not 
easily discoverable a share of the key, the complete encrypted backups, and 
tell them to follow instructions when they believe you are dead or imprisoned. 
(The instructions could be as easy as "boot your PC from this DVD and keep it 
running for at least a week". Given enough secret shares, it should work and be 
interference-safe, and still only be decryptable if n of the m trusted parties 

Best regards,

StealthMonger <stealthmon...@nym.mixmin.net> schrieb:

>Richard Salz <rich.s...@gmail.com> writes:
>>> How could it be arranged that "if anything happens at all to Edward
>>> Snowden, he told me he has arranged for them to get access to the
>>> archives"?
>> A lawyer or other (paid) confidant was given instructions that would
>> disclose the key.  "Do this if something happens to me."
>An adversary can verify an open source robot, but not such
>NSA cannot verify a claim that such instructions have been given
>they know the lawyer's identity, but in that case they can
>(On the other hand, NSA cannot afford to assume that such a claim is a
>bluff, and that's the strength of this idea.)
>The intended interpretation of the "open source" clause in the original
>problem statement is that anyone could inspect the workings of the
>and verify that it does indeed "harbor a secret" and that if the signed
>messages stop coming it will indeed release that secret.
>(For example, in one implementation -- NOT CRYPTOGRAPHICALLY STRONG --
>secret file's access permissions can only be granted by the robot.)
> -- StealthMonger <stealthmon...@nym.mixmin.net>
>    Long, random latency is part of the price of Internet anonymity.
>   anonget: Is this anonymous browsing, or what?
>   stealthmail: Hide whether you're doing email, or when, or with whom.
>   mailto:stealthsu...@nym.mixmin.net?subject=send%20index.html
>The cryptography mailing list
The cryptography mailing list

Reply via email to