Sharing/Storing a private key

Peter Lebbing peter at digitalbrains.com
Wed Dec 18 17:53:43 CET 2013


On 16/12/13 23:41, Doug Barton wrote:
> but one argument against what you're suggesting is that it's only as secure 
> as the encryption used in step 1 of the hybrid approach.

If only everything in cryptoland was "only as secure as 3DES"...

> The ability to apply SSS to the entire secret would be quite valuable

I don't see why. If this is because you avoid "insecurities in symmetric
crypto", I just don't buy it. Otherwise, please explain.

> although your concern about entropy use is something that should be addressed
> explicitly.

And how do you propose to do that? You can't conjure up good quality entropy.
And if you don't trust symmetric crypto, you can't use that to create an
almost-random stream either.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list