On Wed, 2013-02-06 at 22:52 -0600, Nick M. Daly wrote:
> So, it's pretty easy to split data using Shamir's Secret Sharing
> (package: gfshare). If we split a client's PGP key using a 2:3 split (2
> of three pieces are required to reform the key), then we could
> meaningfully PGP encrypt the client's data on the box. That would
> prevent the box from ratting out the client if it ever fell into
> nefarious hands.
>
> The user would need to split their key into three pieces:
>
> 1. On the box.
> 2. On a client device.
> 3. On a backup, somewhere.
>
> The box could send the client its piece, along with the encrypted data,
> even over an insecure channel, because one piece of the key is
> meaningless.
>
> This works as long as we can get the first piece of the key onto the
> client device, out of band, and the client device remains unsurveilled.
> If either of these assumptions is incorrect, we'll need different
> solutions (performing the decryption and service operation on the box
> itself, for example).

The only problem with doing this is that you need to find out how bad a partial leak of a key is for gpg encryption. Not all encryption algorithms have linear resistance to attack based on the number of bits of the key leaked.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <[email protected]>
Principal Software Engineer at Red Hat, Inc. <[email protected]>
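
The 2:3 split discussed in this thread, as an added example (not code from either poster or from gfshare): a byte-wise 2-of-3 Shamir split over GF(2^8) that rebuilds the secret from any two shares and enumerates which secret bytes a single share byte is consistent with. The function names, the reduction polynomial 0x11b and the sample secret are assumptions made for the illustration.

```python
import secrets

def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8), reducing by x^8+x^4+x^3+x+1 (0x11b, assumed)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def gf_inv(a: int) -> int:
    """a^254 is the inverse of a non-zero a, since a^255 == 1."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def split_2_of_3(secret: bytes) -> dict[int, bytes]:
    """Per byte s pick a random a; the share at x is f(x) = s + a*x."""
    coeffs = secrets.token_bytes(len(secret))
    return {x: bytes(s ^ gf_mul(a, x) for s, a in zip(secret, coeffs))
            for x in (1, 2, 3)}

def combine(two_shares: dict[int, bytes]) -> bytes:
    """Lagrange interpolation at x = 0 from exactly two shares."""
    (x1, y1), (x2, y2) = two_shares.items()
    d = gf_inv(x1 ^ x2)                      # subtraction is XOR here
    l1, l2 = gf_mul(x2, d), gf_mul(x1, d)
    return bytes(gf_mul(a, l1) ^ gf_mul(b, l2) for a, b in zip(y1, y2))

def secrets_consistent_with(x: int, share_byte: int) -> set[int]:
    """Secret bytes that some coefficient a would map to this share byte."""
    return {share_byte ^ gf_mul(a, x) for a in range(256)}

if __name__ == "__main__":
    key = b"constructed sample key bytes"    # stand-in, not a real PGP key
    shares = split_2_of_3(key)
    box, client, backup = shares[1], shares[2], shares[3]
    assert combine({1: box, 2: client}) == key
    assert combine({2: client, 3: backup}) == key
    # One share byte fits all 256 candidate secret bytes equally well.
    print(len(secrets_consistent_with(1, box[0])))
```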
