On Wed, Sep 5, 2012 at 9:51 AM, StealthMonger <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > Can there be a cryptographic "dead man switch"? A secret is to be > revealed only if/when signed messages stop appearing. It is to be > cryptographically strong and not rely on a trusted other party. > Every three months I, the Grantor, encrypt my secret in a new secret-encrypting-key and place that secret in my box. (I keep my box away from others - maybe put it in a safe).
I also encrypt that secret-encrypting key in a public key but not too strong a public key, one that can be broken in three months time. I then throw away the private key to that public key (I don't need it, I know my secret). I give the public-key encrypted secret-encrypting key to the trustee, heck I can publish it on the web if I want. If I should die, I will stop re-encrypting the secret and the trustee (that I never really trusted) can break the public key and get to the secret. I know a second scheme that we worked out years ago when one of our group was working on DTN (delay tolerant networking) where we would encrypt something and bounce the encrypting key off a distant node and get a few seconds or minutes of safe time until the something could get decrypted. This scheme has the benefit of not failing if some whiz-bang new crypto breaking system comes along but deals with much shorter time periods. I assume that if I'm using the crypto-only method, then I will keep apprised of whiz-bang new crypto breaking systems and re-encrypt early with a larger key to get back on my three month schedule if such a faster breaking system should appear. ---- Michael Heyman _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
