Key safety vs Backup : History of a bad day (key-restoration problem)

Roscoe eocsor at gmail.com
Fri Nov 2 05:50:43 CET 2007


I don't see any worthwhile gain over setting a strong passphrase, and
then secret sharing that passphrase with ssss.


In Roberts example if you were to use ssss+paperkey you'd merely
export an encrypted secret key, and then print in the line above it an
ssss share.
As far as I can see this would produce an equivalent state of affairs.

The biggest practical difference is that since you're secret sharing
just a passphrase and not a secret key it's going to be less typing to
reconstruct your key.

It does add an extra step to the situation, but I do like the one tool
one job philosophy.


[BTW: Adding paperkey to the tools section of gnupg.org would be good.
I only found it because I read the mailing list :].

On 11/1/07, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
> > Does anyone see a good use case (aside from the cool-trick
> > factor) to using secret sharing in paperkey?
>
> Yes.  E.g., I may wish to give shares to my best friend and my cousin.
> This way, even if their homes and/or offices are broken into, or one of
> them misplaces/loses their share, I don't need to worry about where that
> copy is: I just have the other person burn their share and issue two
> more.
>
>
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>



More information about the Gnupg-users mailing list