[Cryptography] A two key file/program
Ángel
angel at crypto.16bits.net
Sun Jun 9 20:18:47 EDT 2019
On 2019-06-08 at 19:38 -0700, Allen Schaaf wrote:
> Hi Vitor and the rest of you,
>
> Thanks for the various responses. It is quite helpful in clarifying my
> thinking.
>
> Not being a programmer, some of the answers are beyond me, alas.
>
> One thing that I now realize that I did not include is the need for
> more than just two people to access the file. Just for discussion,
> lets assume that there are five people, A, B, C, D, E, with an access
> key. What is needed is one of the ten combinations to cover the the
> presence/absence issues. So A/B, A/C, A/D, A/E, B/C, B/D, B/E, C/D,
> C/E, D/E, all ten possibilities would cover presence possibilities.
>
> Thanks,
>
> Allen
Shamir's Secret Sharing can do that.
As stated however, by sharing the passwords you are weaking your
process. Suppose that when auditing the account for 'John', the pair A/B
found some crookedness. This could be that John made that. Or that C/D
did that with John account. Or D/E. Or even A/E, and A is now knowingly
blaming another employee for its miscreants.
And even if John was the guilty on, he will claim he is not and sue
back, and you cannot prove otherwise.
More information about the cryptography
mailing list