splitting keys
Adrian 'Dagurashibanipal' von Bidder
avbidder@fortytwo.ch
Fri Feb 21 10:01:01 2003
--=-LDlQ92hr1mp7PgK79ac0
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Fri, 2003-02-21 at 01:14, David Picon Alvarez wrote:
> Is it likely that secret sharing will be ever incorporated in GnuPG? By
> secret sharing I understand the following, but maybe I'm wrong:
The big problem with key sharing algorithm is: where do you do the
computation? Where do you assemble the key, and how do you guarantee
that the owner of that computer does not keep a copy of the assembled
key? IIRC, the classical key sharing algorithms work by distributing a
secret (without any knowledge about what that secret is), the assembled
secret is then used as key.
I'm told this problem can be solved, there are algorithms where you can
distribute the computation without the whole key ever being assembled.
But I'm not into that, so you'll have to do your own research
(especially: I don't know if any of these algorithms are developed far
enough to be acutally useable).
It's just my opinion that unless this problem is solved, key
distribution/sharing algorithms shouldn't go into gpg. As soon as you
require one designated computer to be trusted, you've lost.
(corrections welcome - I'm not that sure about it all)
cheers
-- vbi
P.S.
> -----BEGIN PGP SIGNATURE-----
Is that still your insanely big key? I dare not verify your signatures,
because gpg is sooooo slooooooowwww. Really defeats the purpose of
digital signatures...
--=20
featured link: http://fortytwo.ch/smtp
--=-LDlQ92hr1mp7PgK79ac0
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: get my key from http://fortytwo.ch/gpg/92082481
iKcEABECAGcFAj5V6xZgGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h
aWwuMjAwMjA4MjI/dmVyc2lvbj0xLjMmbWQ1c3VtPTE0Y2E2MTZmMTQ2ODJhODJj
YjljYzI1YzliMzRhMTBkAAoJEIukMYvlp/fWJMoAn2s6D0eme0L9IR8fgeiMqNAv
jscNAKCSH5UTlxs1Z+sxvb3PKrTx9Wu2aw==
=hmaj
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822?version=1.3&md5sum=14ca616f14682a82cb9cc25c9b34a10d
--=-LDlQ92hr1mp7PgK79ac0--