[Cryptography] Secret sharing for family members
Tom Mitchell
mitch at niftyegg.com
Sun Oct 18 23:17:43 EDT 2020
On Sun, Oct 18, 2020 at 2:55 PM Phillip Hallam-Baker
<phill at hallambaker.com> wrote:
> On Fri, Oct 16, 2020 at 11:21 PM Francis Pouatcha via cryptography <cryptography at metzdowd.com> wrote:
>> On Thu, Oct 15, 2020 at 10:53 PM Phillip Hallam-Baker <phill at hallambaker.com> wrote:
>>>
>>> OK so one thing you might want to use here is Shamir Secret Sharing. I have a spec for that:
>>> https://mathmesh.com/Documents/draft-hallambaker-mesh-udf.html
>>
>> Excellent document. Wonder if there is any reusable implementation of UDF out there?
>
>
> Thanks, the code is at
:.....
>> I would start with a java library if there is no indication of any existing WIP.
>
>> The challenge is the development of a simple social key recovery app for common users.
This, if solved, will solve the large key escrow problem.
It allows legal actions to disclose keys without a legal framework
that is durable (unlikely).
Some will do well to use the old ribbon and wax seal.
Some will do well to use signed and sealed envelopes.
Noodler's Ink has an invisible ink (UV visible) and also archival
and tamper-proof inks.
Friendly families can exchange locking fireproof boxes.
I am trying to do this and it is tedious to keep encrypted files
backed up, updated and synchronized.
I would like to use a cloud service for data.
More devices have biometric locks. The Internet is unfriendly so a
multi factor authentication scheme is growing and each resource has
its own tangle.
I tend to add a password a month and a change a month to my lists.
Synchronization and distribution update seems to be as big a
challenge as sharing the secret. Vendors never toss data so it is
prudent to update passwords.
A Venn diagram of what can unlock what is hard to remember and
visualize. I have one circular list on purpose. Some are trees of
authentication.
Companies have the same problem. While we are over-thinking it the
problem is worthy of thought.
Start with work and personal how to keep separated. Does the boss get
the package or does IT security (flat or complex policy).
Then organize by risk and value of loss.
Backups need keys.
--
T o m M i t c h e l l ( o n N i f t y E g g )