I am currently working on documenting the Mesh tools and producing a
user guide. This is not yet complete but I wanted to show people the
section on disaster recovery for comment at an early stage as I am
sure that it will be controversial.


The concern here is that the Mesh needs to reflect the security
concerns of its users and not just those of its creator or its early

In the real world, houses are destroyed by flood and fire, and people are
displaced by war or tyrannical governments. If we are to meet the full
security requirements of users we must consider data availability to
be at least as important as data confidentiality.

Thus some form of key recovery capability is essential. But support
for personal escrow need not entail support for government backdoors.
It is one thing for me to prove to myself that I can recover my keys;
it is quite another thing for me to demonstrate to a government that
they can transparently access my escrowed keys without my knowledge or

Of course any scheme that provides a user with more opportunities to
recover their data will inevitably create a larger set of
circumstances in which they may be coerced to disclose the keys
against their will. This is certainly a concern but it is not the only

