[Freedombox-discuss] Key Splitting to Protect Client Data on Boxes
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Feb 7 16:24:29 UTC 2013
On 02/07/2013 08:18 AM, simo wrote:
> The only problem of doing this is that you need to find out how bad for
> gpg encryption it is a partial leak of a key.
> Not all encryption algorithm have linear resistance to attack based on
> the number of bits of the key leaked.
Nick is proposing using SSSS, which (if i understand the theory
correctly) doesn't leak any information about the secret material until
the correct number of pieces are assembled in one place (at which point
the entire secret is available).
https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing
So i don't think nick's proposal should leak any of the bits of the key.
That said, i haven't thought through Nick's proposal at all, so i can
neither endorse nor critique it. Neat idea, though.
hth,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130207/8b61cade/attachment.pgp>
More information about the Freedombox-discuss
mailing list