[Cryptography] Plan to End the Crypto War
dan at geer.org
dan at geer.org
Fri Jan 15 14:55:47 EST 2016
> >My personal conjecture is that split golden key is no better
> >than single golden key because any human process where the
> >split key works, that process can be implemented around a
> >single golden key.
>
> One advantage a split key has is more security against insider
> attack. You need N of M insiders inorder to get at the data. If
> those insiders have to be inside different organizations, all
> the better.
Continuing what is essentially now a point of information:
Using a quorumed N of M key fragmentation has two effects.
One, no M-N actors can cause a service denial.
Two, no M-N actors can collusively nullify protections.
The size of N and M are chosen relative to risk tolerance which is to
say policy. Because it has been shown that key fragments can be
generated in abstentia and that they can be used sequentially, there
is no technical requirement that the merged "true" key ever exists.
--dan
More information about the cryptography
mailing list