Partial/fragmented decryption keys

Damien Goutte-Gattat dgouttegattat at
Sun Dec 8 21:54:53 CET 2019

On Sun, Dec 08, 2019 at 10:48:47AM -0700, Joseph Bruni via Gnupg-users wrote:
>I recall from the early days of PGP that there was a way to create a 
>corporate key, fragmented into a certain number of potions, which would 
>require some quorum to be able to perform decryption. [...] Is this 
>still possible in OpenPGP and therefore in GnuPG?

The OpenPGP RFC [1] seems to acknowledge this possibility by defining a 
flag that can be set on a public key to indicate that the corresponding 
private key “may have been split by a secret-sharing mechanism” (§ But it does not provide any details about how that feature 
should be implemented, leaving that entirely to the implementations 
(which makes sense, I guess, since what an implementation does with a 
private key is not supposed to have an impact on interoperability, and 
so does not need to be specified).

I don’t know about early (or even more recent) PGP versions, but GnuPG 
does not have such a feature. If you are interested the topic has been 
discussed a few years ago on the -devel mailing list [2].


- Damien


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list