splitting keys

David Picon Alvarez eleuteri@myrealbox.com
Fri Feb 21 11:00:01 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

> The big problem with key sharing algorithms is: where do you do the
> computation? Where do you assemble the key, and how do you guarantee
> that the owner of that computer does not keep a copy of the assembled
> key? IIRC, the classical key sharing algorithms work by distributing a
> secret (without any knowledge about what that secret is), the assembled
> secret is then used as key.

Hmm. No, that's not quite what I'd like to do. If the secret gets computed
somewhere then you could as well distribute pieces of a passphrase or
something.

> I'm told this problem can be solved, there are algorithms where you can
> distribute the computation without the whole key ever being assembled.
> But I'm not into that, so you'll have to do your own research

This is more like it. I've been browsing around Google, but with not very
conclusive results. I guess I'll have to keep on going.

> require one designated computer to be trusted, you've lost.

I agree 100% with you.

> Is that still your insanely big key? I dare not verify your signatures,
> because gpg is sooooo slooooooowwww. Really defeats the purpose of
> digital signatures...

Hmm. It's not insanely big, it's 4096, but I guess you say it because of the
ElGamal sign and encrypt thing. I don't know, I don't want trouble with
subkeys, and especially I don't want DSA because of the 1024 bit limit.
Maybe I'm being too stubborn about this and I should go to RSA 4096/4096.
However, saying it defeats the purpose of digital signatures is quite an
overstatement, IMO.

- --David.

-----BEGIN PGP SIGNATURE-----
Comment: This message is digitally signed and can be verified for authenticity.
-----END PGP SIGNATURE-----
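
The distinction drawn in the message above (reassembling a shared secret on one machine versus distributing the computation so the whole key is never assembled), shown as an added example that is not part of the original thread. It assumes an n-of-n additive split of an RSA private exponent with a constructed toy key, no padding, and a dealer who knows the exponent once at setup; all function names are hypothetical.

```python
# Added illustration, not code from the thread. Toy RSA: small constructed
# primes, no padding, and a dealer who knows d once at setup (assumptions).
import hashlib
import secrets

P, Q, E = 2**89 - 1, 2**61 - 1, 65537   # constructed toy key (Mersenne primes)
N, PHI = P * Q, (P - 1) * (Q - 1)
D = pow(E, -1, PHI)                      # full private exponent, dealer only

def split_exponent(d, phi, parties):
    """Dealer: pick shares with sum(shares) == d (mod phi)."""
    shares = [secrets.randbelow(phi) for _ in range(parties - 1)]
    shares.append((d - sum(shares)) % phi)
    return shares

def digest(message, n):
    """Hash the message to an integer below n (no padding scheme here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def partial_sign(m, share, n):
    """Runs on one holder's machine and touches only that holder's share."""
    return pow(m, share, n)

def combine(partials, n):
    """Combiner multiplies partial signatures; it never sees d or a share."""
    sig = 1
    for s in partials:
        sig = sig * s % n
    return sig

def verify(m, sig, e, n):
    return pow(sig, e, n) == m

def demo(parties=3):
    shares = split_exponent(D, PHI, parties)
    m = digest(b"constructed sample message", N)
    partials = [partial_sign(m, s, N) for s in shares]
    full = combine(partials, N)
    short = combine(partials[:-1], N)    # one holder refuses to take part
    return verify(m, full, E, N), verify(m, short, E, N)

if __name__ == "__main__":
    print(demo())   # (True, False)
```

Every holder must contribute for the signature to verify, and the machine that combines the partial signatures learns nothing that lets it sign again on its own.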