Re: What will happen to your crypto keys when you die?

2009-07-04 Thread silky
On Fri, Jul 3, 2009 at 4:37 AM, Jack Lloydll...@randombit.net wrote:
 On Thu, Jul 02, 2009 at 09:29:30AM +1000, silky wrote:
  A potentially amusing/silly solution would be to have one strong key
  that you change monthly, and then, encrypt *that* key, with a method
  that will be brute-forceable in 2 months and make it public. As long
  as you are constantly changing your key, no-one will decrypt it in
  time, but assuming you do die, they can potentially decrypt it while
  arranging your funeral :)

 This method would not work terribly well for data at rest. Copy the
 ciphertext, start the brute force process, and two months later you
 get out everything, regardless of the fact that in the meantime the
 data was reencrypted.

Indeed, hence the reason I suggested encrypting only your real key
with this method. By the time you're done decrypting that, you've only
gotten a stale key. Of course the approach isn't really practical in
principle, it's only cute.


 -Jack

-- 
noon silky
http://lets.coozi.com.au/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: What will happen to your crypto keys when you die?

2009-07-03 Thread Jack Lloyd
On Thu, Jul 02, 2009 at 09:29:30AM +1000, silky wrote:

 A potentially amusing/silly solution would be to have one strong key
 that you change monthly, and then, encrypt *that* key, with a method
 that will be brute-forceable in 2 months and make it public. As long
 as you are constantly changing your key, no-one will decrypt it in
 time, but assuming you do die, they can potentially decrypt it while
 arranging your funeral :)

This method would not work terribly well for data at rest. Copy the
ciphertext, start the brute force process, and two months later you
get out everything, regardless of the fact that in the meantime the
data was reencrypted.

-Jack

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: What will happen to your crypto keys when you die?

2009-07-03 Thread Jon Callas


On Jul 1, 2009, at 4:29 PM, silky wrote:

On Wed, Jul 1, 2009 at 6:48 PM, Udhay Shankar Nud...@pobox.com  
wrote:

Udhay Shankar N wrote, [on 5/29/2009 9:02 AM]:
Fascinating discussion at boing boing that will probably be of  
interest

to this list.

http://www.boingboing.net/2009/05/27/what-will-happen-to.html


Followup article by Cory Doctorow:

http://www.guardian.co.uk/technology/2009/jun/30/data-protection-internet


A potentially amusing/silly solution would be to have one strong key
that you change monthly, and then, encrypt *that* key, with a method
that will be brute-forceable in 2 months and make it public. As long
as you are constantly changing your key, no-one will decrypt it in
time, but assuming you do die, they can potentially decrypt it while
arranging your funeral :)


I'll point out that PGP has had key splitting for ages now. You can  
today make a strong public key and split it into N shares, of which  
two or three shares are needed to reconstitute the key, and hand those  
out to trusted loved ones.


You can then use that public key for files, virtual disks, whole disk  
volumes -- anywhere you could use an RSA or Elgamal key -- and be  
assured that your data is safe in the absence of a conspiracy of those  
loved ones.


It's there now, and has been there for a decade.

Jon

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: What will happen to your crypto keys when you die?

2009-07-02 Thread silky
On Wed, Jul 1, 2009 at 6:48 PM, Udhay Shankar Nud...@pobox.com wrote:
 Udhay Shankar N wrote, [on 5/29/2009 9:02 AM]:
  Fascinating discussion at boing boing that will probably be of interest
  to this list.
 
 http://www.boingboing.net/2009/05/27/what-will-happen-to.html

 Followup article by Cory Doctorow:

 http://www.guardian.co.uk/technology/2009/jun/30/data-protection-internet

A potentially amusing/silly solution would be to have one strong key
that you change monthly, and then, encrypt *that* key, with a method
that will be brute-forceable in 2 months and make it public. As long
as you are constantly changing your key, no-one will decrypt it in
time, but assuming you do die, they can potentially decrypt it while
arranging your funeral :)



 Udhay
 --
 ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))

-- 
noon silky
http://lets.coozi.com.au/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: What will happen to your crypto keys when you die?

2009-07-01 Thread Udhay Shankar N
Udhay Shankar N wrote, [on 5/29/2009 9:02 AM]:
 Fascinating discussion at boing boing that will probably be of interest
 to this list.
 
 http://www.boingboing.net/2009/05/27/what-will-happen-to.html

Followup article by Cory Doctorow:

http://www.guardian.co.uk/technology/2009/jun/30/data-protection-internet

Udhay
-- 
((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


What will happen to your crypto keys when you die?

2009-05-29 Thread Udhay Shankar N
Fascinating discussion at boing boing that will probably be of interest
to this list.

http://www.boingboing.net/2009/05/27/what-will-happen-to.html

Udhay
-- 
((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com