Is it possible to require two private keys to decrypt with gpg?

Christian Chavez x10an14 at gmail.com
Mon Jan 3 00:19:48 CET 2022


On Sun, Jan 2, 2022 at 11:01 PM Ángel <angel at pgp.16bits.net> wrote:

> You could use a wrapper which calls gpg twice, while the user only
> calls your wrapper (as if it is gpg) once.
>
Thank you, I think that sounds like the best solution I've come across so
far! =)

> However, I would like to question your need for requiring two gpg keys.
> How are they two gpg going to be more secure? Usually, if someone was
> able to steal one key, they could steal the second one as well as the
> same time, and you could simply require a different second key, or
> tweak the key parameters to get an higher level, if that's what you
> want to achieve from the double encryption.
>
False assumption here =)

One key is on me at all times, and also on a (physically and OS-wise)
locked air-gapped machine.
The other one is in a safe.

So I question the assumption that "if someone was able to steal one key,
they could steal the second as well" - considering that at least one of
them goes with me wherever I go, including work and vacation.
(The safe e.g. doesn't^^)

-- 
Med vennlig hilsen/Kind regards,
Christian Chavez
Phone/Tlf: +47 922 22 603
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220103/9545f679/attachment.html>


More information about the Gnupg-users mailing list