serhii.net LINKS BLOG!

In the middle of the desert you can say anything you want

20 Feb 2017

digital-scurf → software → libgfshare (Sharing tool, 3-of-5 for example)

Categories:
  • Infosec
  • IT/Encryption

  • Tags:
  • Encryption
  • Gpg
  • Software
  • Sharing
  • Key
  • Algorithm
  • Security

  • Rating: 6; Complexity: 6
    Link: http://www.digital-scurf.org/software/libgfshare

    Alice has a GPG secret key on a USB keyring. If she loses that keyring, she will have to revoke the key. This sucks because she goes to conferences lots and is scared that she will, eventually, lose the key somewhere. So if, instead, she needed both her laptop and the USB keyring in order to have her secret key, losing one or the other does not compromise her GPG key. Now, if she splits the key into a 3-of-5 share, puts one share on her desktop, one on the laptop, one on her server at home, and two on the keyring, then the keyring-plus-any-machine will yield the secret GPG key, but if she loses the keyring, she can reconstruct the GPG key (and thus make a new share, rendering the shares on the lost USB keyring worthless) with her three machines at home.