[Freedombox-discuss] Key Splitting to Protect Client Data on Boxes
Nick M. Daly
nick.m.daly at gmail.com
Thu Feb 7 04:52:53 UTC 2013
So, it's pretty easy to split data using Shamir's Secret Sharing
(package: gfshare). If we split a client's PGP key using a 2:3 split (2
of three pieces are required to reform the key), then we could
meaningfully PGP encrypt the client's data on the box. That would
prevent the box from ratting out the client if it ever fell into
nefarious hands.
The user would need to split their key into three pieces:
1. On the box.
2. On a client device.
3. On a backup, somewhere.
The box could send the client its piece, along with the encrypted data,
even over an insecure channel, because one piece of the key is
meaningless.
This works as long as we can get the first piece of the key onto the
client device, out of band, and the client device remains unsurveiled.
If either of these assumptions are incorrect, we'll need different
solutions (performing the decryption and service operation on the box
itself, for example).
Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130206/07893dad/attachment.pgp>
More information about the Freedombox-discuss
mailing list