Split key

Ryan Malayter rmalayter at bai.org
Tue Nov 18 10:55:10 CET 2003

Export the key pair to a file with a pass phrase. Then split the pass
phrase using a secret-splitting program like
m. (windows) 

If you need a threshold scheme (that is, split 5 ways, and any 3 shares
can re-assemble the whole secret) check out tontine:

If you want to make your own secure secret splitting scheme, and not
require other software, simply make the pass phrase a random point on a
Cartesian plane. Use lots of digits (at least 10 for each coordinate),
so your pass phrase has good entropy. The pass phrase would look
something like this:

Next, give an equation of a *random* line through this point to each of
your secret holders, along with instructions about how many digits to
round with and how to format the password when they reconstruct the
secret. You should give them at least one more significant digit in all
of the coefficients of their equations to ensure that they get the same
rounded answer. 

To reconstruct the pass phrase, at least two of your secret holders must
get together and find the intersection of their lines, then use that as
the pass phrase for the secret key. No single share is enough to find
the pass phrase, since there are an infinite number of points on the
line described by each share.

This idea can be extended to any number of parties. If you want three of
them to be required, use X,Y,Z planes instead of lines as your shares,
and so on.


> -----Original Message-----
> From: gnupg-users-bounces at gnupg.org 
> [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of ie black
> Sent: Monday, November 17, 2003 11:50 PM
> To: gnupg-users at gnupg.org
> Subject: Split key
> how can i split my private keys?
> _________________________________________________________________
> Keep track of Singapore & Malaysia stock prices. 
> http://www.msn.com.sg/money/
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

More information about the Gnupg-users mailing list