Question regarding shared keys

David Shaw dshaw at jabberwocky.com
Mon Feb 28 05:17:09 CET 2011


On Feb 27, 2011, at 8:25 PM, Denise Schmid wrote:

> Hello list,
> 
> first of all: Sorry if my question reaches the wrong list, but I have a question someone on this list may probably answer easily.
> 
> If a company has shared keys: How does encryption work then? Are several owners of a share needed to encrypt data? I just try to find out how it works in the real world...

It depends on what you mean by a "shared key".  There is just giving a copy of the key to multiple people (in which case any one of them can use it), or there are various key splitting algorithms where a key is broken into a number of pieces, and a specified subset of those pieces can come together, reconstruct the key, and do whatever they need to do.

Which do you mean?

The OpenPGP standard (which specifies how different implementations can interoperate) does not really specify shared keys, beyond acknowledging that they exist.  The PGP *implementation* of the standard, has a shared key feature in the break-the-key-into-multiple-pieces sense.  The GnuPG implementation does not have this feature.

David




More information about the Gnupg-users mailing list