So, it's pretty easy to split data using Shamir's Secret Sharing (package: gfshare). If we split a client's PGP key using a 2:3 split (2 of three pieces are required to reform the key), then we could meaningfully PGP encrypt the client's data on the box. That would prevent the box from ratting out the client if it ever fell into nefarious hands.
The user would need to split their key into three pieces:

1. On the box.
2. On a client device.
3. On a backup, somewhere.

The box could send the client its piece, along with the encrypted data, even over an insecure channel, because one piece of the key is meaningless. This works as long as we can get the first piece of the key onto the client device, out of band, and the client device remains unsurveilled. If either of these assumptions is incorrect, we'll need different solutions (performing the decryption and service operation on the box itself, for example).

Nick
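The 2:3 split described in the message above, as an added example that is not part of the original message and is not gfshare's code or share format. It assumes byte-wise sharing over GF(2^8) with the reduction polynomial 0x11b; the function names and the sample secret are constructed for illustration.

```python
import secrets

def gf_mul(a, b):
    """Multiply in GF(2^8), reducing by 0x11b (an assumed polynomial choice)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11b
        b >>= 1
    return r

def gf_inv(a):
    """Inverse as a^254, valid because a^255 == 1 for every non-zero a."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def split_2_of_3(secret: bytes):
    """Each secret byte s becomes the line f(x) = s + c*x with a fresh random c.
    Shares are f(1), f(2), f(3): box, client device, backup."""
    coeffs = secrets.token_bytes(len(secret))
    return {x: bytes(s ^ gf_mul(c, x) for s, c in zip(secret, coeffs))
            for x in (1, 2, 3)}

def combine(shares: dict):
    """Recover f(0) by Lagrange interpolation from exactly two shares {x: bytes}."""
    if len(shares) != 2:
        raise ValueError("need exactly two distinct shares")
    (x1, y1), (x2, y2) = shares.items()
    if len(y1) != len(y2):
        raise ValueError("shares differ in length")
    d = gf_inv(x1 ^ x2)                      # subtraction is XOR in GF(2^8)
    w1, w2 = gf_mul(x2, d), gf_mul(x1, d)    # Lagrange weights at x = 0
    return bytes(gf_mul(a, w1) ^ gf_mul(b, w2) for a, b in zip(y1, y2))

def secrets_consistent_with(x, share_byte):
    """Every secret byte that some coefficient c could map to this single share byte."""
    return {share_byte ^ gf_mul(c, x) for c in range(256)}

if __name__ == "__main__":
    key = b"constructed stand-in for PGP key bytes"   # constructed sample input
    pieces = split_2_of_3(key)
    print(combine({1: pieces[1], 3: pieces[3]}) == key)     # any two pieces suffice
    print(len(secrets_consistent_with(1, pieces[1][0])))    # one piece rules nothing out
```

A single share byte is consistent with all 256 possible secret bytes, which is why one piece can travel over an insecure channel; the guarantee depends on the coefficients coming from a cryptographic random source.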
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
