Key safety vs Backup : History of a bad day (key-restoration problem)

Robert J. Hansen rjh at
Thu Nov 1 03:42:06 CET 2007

On Fri, 2007-11-02 at 14:20 +0930, Roscoe wrote:
> I don't see any worthwhile gain over setting a strong passphrase, and
> then secret sharing that passphrase with ssss.

Fewer things can go wrong.

Secret shared passphrase + private key: what happens if the private key
is unavailable?  E.g., I die when my house burns down and my computer
cooks and even my back-ups are toast.  With a SS passphrase, I have to
make off-site backups of my private key... and then I have to make sure
that those off-site backups are still readable, since CD-Rs tend to go
bad... and if I replace one, I have to make sure the passphrase is the
same as the secret-shared passphrase...

Secret shared paperkey: the private key is available as long as the
secret shares are available.  OCR the SS paperkey, recover the private
key, boom, you're off to the races.

Fewer components, fewer steps, fewer dependencies, longer-term storage:
it's an all-around win.

> The biggest practical difference is that since you're secret sharing
> just a passphrase and not a secret key it's going to be less typing to
> reconstruct your key.

147 bytes is not an onerous reconstruction job, even if you have to do
it by hand.  Base64 it and it's about 200 characters, or two and a half
lines of text.

More information about the Gnupg-users mailing list