Key safety vs Backup : History of a bad day (key-restoration problem)

Robert J. Hansen rjh at sixdemonbag.org
Sun Oct 28 13:03:13 CET 2007


Atom Smasher wrote:
> would that be the same PGP(tm) Corporation that, last i checked, made 
> source code available for review but only licensed the use of pre-compiled 
> binaries?

This would be the PGP Corporation that allows you to download and
compile their source code so that you can run your own tests to ensure
there are no back doors, yes.  It's not open-source, but it's certainly
not a closed-source product.

> i hate to sound paranoid (hhmm, actually i don't mind anymore) 

You should.  There's a great quote from the movie _Strange Days_: "The
question isn't whether you're paranoid, but whether you're paranoid
enough."  There's a sweet spot to hit, paranoia-wise.  Being too
paranoid is just as bad as not being paranoid enough.

> but where's the open source application(s) that do that? especially if 
> it's so easy.

At this point it's abundantly clear to me that you've never learned how
Shamir's scheme works.  I don't know how to make a case for Shamir's
scheme to someone who doesn't care how it works, only that their
prejudice is that it's bad.

So far I have given you references to PGP Corporation's use of it, to
Don Knuth's inclusion of it in _The Art of Computer Programming_, to how
fourth-graders in rural Iowa are using it to keep secrets from their
teacher.  It's mentioned quite favorably in _Applied Cryptography_,
_Practical Cryptography_ and the _Handbook of Applied Cryptography_.

At some point, I have to call a halt to it.  If you value warm fuzzies
over math, if you trust James Bond gadgetry ideas over solid and proven
algorithms, then there's nothing I can say to that.


