So to be short: no, there cannot. The absence of new information cannot cause the information needed for decryption to become known. Unless you find some way to reverse that or use a hybrid crypto and non-crypto solution a DMS cannot happen.
Anyone disagree? Note that a Bitcoin-like/distributed network could in potential be an automated DMS-crypto-cheat. 2012/9/5 Natanael <[email protected]> > If the trustee (correct word?) stops passing the messages to your "CDMS" > (cryptographic dead man switch), it would simply decrypt the original > message automatically. So you can not put the entire mechanism in the hands > of the trustee, especially not the part that authorizes the decryption. I > could imagine that you would set up a remote server that would simply send > the secret to the trustee, encrypted to his public key for security, when > you stop "pinging" it by sending signed messages. > > To prevent one server from being compromised and revealing the secret > (even if only to the trustee since it can be pre-encrypted), I could > imagine chained-session Secure Multiparty Computation across several remote > servers. The idea is that you run the SMPC software on your remote servers, > give a large random number to each, they generate a keypair inside the > virtual SMPC machine, and you encrypt the message to that key.The machines > split the keypair among themselves using a Secure Sharing Scheme. You send > that encrypted message to all the machines. Each day the machines re-run > the SMPC, sends their key parts and reassemble them using the secret > sharing scheme inside the SMPC, checks if a signed message have been > recieved from So , and if not it decrypts the secret message to the > trustee. A program on the machines will then see this message as the output > from the SMPC and send it to the trustee. > > Overly complicated, maybe, but secure and can actually work. > > On Wed, Sep 5, 2012 at 3:51 PM, StealthMonger < > [email protected]> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> >> Can there be a cryptographic "dead man switch"? A secret is to be >> revealed only if/when signed messages stop appearing. It is to be >> cryptographically strong and not rely on a trusted other party. >> >> The motivating application is a Living Trust wherein the Grantor wants >> to keep secret, even from the Trustee, the locations of his caches of >> gold until such time as he is no longer able to send signed messages. >> Each signed message has to somehow avert revelation of the secret for >> another time period (three months, say). >> >> - -- >> >> >> -- StealthMonger <[email protected]> >> Long, random latency is part of the price of Internet anonymity. >> >> anonget: Is this anonymous browsing, or what? >> >> http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain >> >> stealthmail: Hide whether you're doing email, or when, or with whom. >> mailto:[email protected]?subject=send%20index.html >> >> >> Key: mailto:[email protected]?subject=send%20stealthmonger-key >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.10 (GNU/Linux) >> Comment: Processed by Mailcrypt 3.5.9 <http://mailcrypt.sourceforge.net/> >> >> iEYEARECAAYFAlBF1ecACgkQDkU5rhlDCl5omQCgpcuTWhFuojJkkgUOLeZwnYIf >> TlwAnAhrxdyeLMccamIAZ8CbLZKn2jyb >> =MaVJ >> -----END PGP SIGNATURE----- >> >> _______________________________________________ >> cryptography mailing list >> [email protected] >> http://lists.randombit.net/mailman/listinfo/cryptography >> > > > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography > >
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
