[Cryptography] A two key file/program

Thierry Moreau thierry.moreau at connotech.com
Fri May 17 12:40:12 EDT 2019 

On 17/05/19 06:17 AM, Matt Palmer wrote:
> On Thu, May 16, 2019 at 07:00:34PM -0700, Allen Schaaf wrote:
>> I'm looking for a program or file system to run on Windows 7/8.1/10 to keep
>> data protected that requires two separate keys used at the same time to open
>> the file. It needs to be like the missile launching system that was created
>> using two physical keys at the same time to prevent one crazy person from
>> starting a war.
>
> [...]
>
>> I recall that there is a system like this but I'm unable to find it. Given
>> that it is a very small credit union and that it functions in a lower income
>> market it would be best if it was free or low cost.
>
> The *concept* you're looking for, I suspect, is Shamir Secret Sharing.  I
> don't know of any implementations specifically for Windows (not really my
> thing), but I'm sure with that keyword and a little bit of DDG-fu you'd dig
> something up fairly quickly.
>

If it is really only two keys that is required, the Shamir scheme is an 
overkill.

The hidden details in the requirements include backup (for service 
continuity assurance), preventing the decrypted contents from being 
present on the Windows past their legitimate usage period, physical 
secrecy protection for each of the two keys at rest on a 7/24 basis (a 
storage format that prevents surreptitious duplication ...). Little of 
this is addressed by crypto-academic proposals.

My feeling is that the financial institution regulations are crafted for 
larger organizations able to show a larger staff and system budget which 
mystifies the auditors (market entry barriers). NIST CSRC is in this 
type of business for the US government (...). A FIPS 140 certified HSM 
buys a good autonomy in this perspective.

In derision of the user burden with password management, I crafted a 
totally manual scheme including one-time-pad encryption and sealed money 
bags. This is effective in every aspects of password handling 
prescriptions, without being really error-prone. But the workload is 
large and the user training would be challenging.

A FIPS 140 certified HSM may keep the auditor at bay, ...

- Thierry

> - Matt
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>

More information about the cryptography mailing list