-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 22/04/14 19:47, Trevor Perrin wrote: >> * The friends don't have enough shares to reconstruct the key >> even if they collude > > They do, if n-2 >= k.
Doh, sorry, I tried to generalise this from k=4, n=5 and failed. :0) The user should keep n-k+1 shares on her device. > I would assume you know your friends' public keys, do a k-of-n > share of a symmetric key used to encrypt the backup data, then > encrypt each share under one of the public keys. Then store all > ciphertext in a backup file you widely distribute (containing both > the encrypted shares and encrypted backup data). > > The nice thing about this is you can use your friends for backup > without ever contacting them, except in the event of recovery. Nice! Cheers, Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJTVr7rAAoJEBEET9GfxSfMGMMH/0w+iZFSopxiFXu3UBPiaGJj CvTkGrxXYwT7Zrg/t60fOxIZkHoTGDdxtTdqITcgs90ud0YM+kk6DDs03PZtMr7b FdT8b3BlOhyz11cZtXV99DL49TICmG8NWP+iT5wMdEMa7nauP+hLcF8KFLDhnDvR e5g9RVFcxH+Kiva5kif6eXAzEgZiqSF8bpnsig6Svv/FbVBxbMgMRalc4htnj+Yv 7kJWsJ5P9Bof5Y+10UxcQgxZHDxRI0Fmarcsvu6HZvxj5fgpEMGgVzpJ/9fu2Cih HQ5q9zwtVAvx/X7DKeJEaEGaBgS6gYXmPVAzWk6onRa19gOsUm+s6C9/4mMKQOo= =AbMs -----END PGP SIGNATURE----- _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
