Thanks for all the input... good stuff.
I can think of a bash script that
- generates the passphrase (using /dev/urandom) for a gnupg private key,
- pipe the random passphrase into ssss to generate the shares, threshold
(s,t),
- and every time the passphrase is needed, combine t shares to recreate
the original random passphrase.
A problem I see with this approach is that an attacker can easily modify
the script to output the shares... breaking confidentiality.
Even binary code can be reverse-compiled and re-engineered to spill the
secrets.
Does anyone know of techniques to protect code from being reverse
engineered with standard off the shelf techniques...?
Thanks
Richard Geddes wrote:
Hello,
Is there a utility that integrates gnupg with ssss (Shamir's Secret
Sharing Scheme)? And maybe using smartcards? If not has anyone seen
a HowTo that shows how to integrate them?
Richard
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
