Re: Partial/fragmented decryption keys
Hi, I recall from the early days of PGP that there was a way to create a corporate key, fragmented into a certain number of potions, which would require some quorum to be able to perform decryption. I pored over the GnuPG documentation but could not find an equivalent. Perhaps I?m just getting the terminology wrong. Is this still possible in OpenPGP and therefore in GnuPG? It is indeed not implemented in GnuPG. In case you're curious on how does it work in Symantec PGP here's the description: https://support.symantec.com/us/en/article.HOWTO42097.html and a video tutorial: https://www.youtube.com/watch?v=Q_Mpa8TOhU0 Symantec recommends this feature for "extremely high security keys" by which I guess they mean designated revoker key or additional decryption key. Their implementation seems to bring all private keys to one trusted computer to reconstruct the combined key. As others mentioned there is a flag for marking an OpenPGP key as "split" in the spec so theoretically it could implemented in free software. One project that's close is DKGPG but mind that it "should NOT be used in production environments". Check out the following links: http://nongnu.org/dkgpg/ http://www.nongnu.org/libtmcg/kryptotag26_stamer_slides.pdf Hope this helps! Kind regards, Wiktor -- https://metacode.biz/@wiktor ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Partial/fragmented decryption keys
On 08/12/2019 18:48, Joseph Bruni via Gnupg-users wrote: I recall from the early days of PGP that there was a way to create a corporate key, fragmented into a certain number of potions, which would require some quorum to be able to perform decryption. I pored over the GnuPG documentation but could not find an equivalent. Perhaps I’m just getting the terminology wrong. Is this still possible in OpenPGP and therefore in GnuPG? I don't know about a solution within PGP but it sounds a bit like '' - Shamir's Secret Sharing Scheme. I quote the description within Ubuntu linux distribution of the package : "allows a secret to be split in to shares. These shares can then be distributed to different people. When the time comes to retrieve the secret then a preset number of the shares need to be combined. The number of shares created, and the number needed to retrieve the secret are set at splitting time. The number of shares required to re-create the secret can be chosen to be less that the number of shares created, so any large enough subset of the shares can retrieve the secret. This scheme allows a secret to be shared, either to reduce the chances that the secret is lost, or to increase the number of parties that must cooperate to reveal the secret." hhh Philip ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Partial/fragmented decryption keys
On Sun, Dec 08, 2019 at 10:48:47AM -0700, Joseph Bruni via Gnupg-users wrote: I recall from the early days of PGP that there was a way to create a corporate key, fragmented into a certain number of potions, which would require some quorum to be able to perform decryption. [...] Is this still possible in OpenPGP and therefore in GnuPG? The OpenPGP RFC [1] seems to acknowledge this possibility by defining a flag that can be set on a public key to indicate that the corresponding private key “may have been split by a secret-sharing mechanism” (§ 5.2.3.1). But it does not provide any details about how that feature should be implemented, leaving that entirely to the implementations (which makes sense, I guess, since what an implementation does with a private key is not supposed to have an impact on interoperability, and so does not need to be specified). I don’t know about early (or even more recent) PGP versions, but GnuPG does not have such a feature. If you are interested the topic has been discussed a few years ago on the -devel mailing list [2]. Cheers, - Damien [1] https://tools.ietf.org/html/rfc4880#section-5.2.3.21 [2] https://lists.gnupg.org/pipermail/gnupg-devel/2016-January/030681.html signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Partial/fragmented decryption keys
Joseph Bruni via Gnupg-users wrote: > I recall from the early days of PGP that there was a way to create a > corporate key, fragmented into a certain number of potions, which would > require some quorum to be able to perform decryption. I pored over the GnuPG > documentation but could not find an equivalent. Perhaps I’m just getting the > terminology wrong. Is this still possible in OpenPGP and therefore in GnuPG? I don't remember that, but you may search (on GitHub) for 'Shamir's Secret Sharing', which allows you to share a secret with multiple parties and only if the parties come together they can decrypt the secret. Regards Stefan -- box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56 certified OpenPGP key blocks available on keybase.io/stefan_claas ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Partial/fragmented decryption keys
I recall from the early days of PGP that there was a way to create a corporate key, fragmented into a certain number of potions, which would require some quorum to be able to perform decryption. I pored over the GnuPG documentation but could not find an equivalent. Perhaps I’m just getting the terminology wrong. Is this still possible in OpenPGP and therefore in GnuPG? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
