Protecting private key on USB flash drive: how to? // secret-sharing
vedaal at hush.com
vedaal at hush.com
Mon May 12 15:28:55 CEST 2008
Roscoe eocsor at gmail.com
wrote Mon May 12 09:02:32 CEST 2008 :
>> For my curiosity, has anyone used threshold (split-key)
>> crypto for key protection?
> http://point-at-infinity.org/ssss/ works good for passwords to
keys :)
no,
the Shamir split-key/secret sharing,
works for shares of 'keys',
not for passwords
here is a quote from the site:
=====[begin quote]=====
Note that Shamir's scheme is provable secure, that means: in a
(t,n) scheme one can prove that it makes no difference whether an
attacker has t-1 valid shares at his disposal or none at all; as
long as he has less than t shares, there is no better option than
guessing to find out the secret.
=====[end quote]=====
key structures are much more complex than passphrases
example:
assume a passphrase of 16 characters that is shared among two people
each having 8 characters protected by Shamir's secret sharing
even though each person cannot 'decrypt' the other person's 'share',
(that part is true),
each one can start from scratch and do a brute force attack on the
other 8 characters when combined with the 8 characters already
known, and recover the passphrase
when Shamir uses the technique to share 'Keys'
the 'key', which is far more complex than a simple password string,
cannot be reconstructed from a brute force attack, even when t-1
shares are known
'split-keys' have been used by pgp since 6.x,
(usually for 'corporate signing'
when a certain majority t/n is needed for approval of a measure,
although it could work as well for decrypting too)
vedaal
any ads or links below this message are added by hushmail without
my endorsement or awareness of the nature of the link
--
Need cash? Apply now for a credit loan with fast approval.
http://tagline.hushmail.com/fc/Ioyw6h4d9GyhnVARCGdPmzeVF7VYG3XQdmdONDdZwRPnO8sWSVh0pp/
More information about the Gnupg-users
mailing list