Michael Sierchio wrote:
Götz Babin-Ebell wrote:
Don't underestimate XOR.
With a good random source and a secure way to seperate
key and data it is one of the best crypt algorithms available.
XOR only permits N-of-N threshold schemes, not K-of-N with
K N.
But that is exacly that
Clayton Haapala wrote:
On Wed, Sep 12, 2001 at 08:12:39AM -0700, Michael Sierchio wrote:
Clayton Haapala wrote:
Why not encrypt the Certificate key, prior to splitting it
Encrypt the public key? Does not compute.
I wrote a bit more than THAT -- I said to use a separate public
On Thu, Sep 13, 2001 at 11:55:12AM +0200, G?tz Babin-Ebell wrote:
Clayton Haapala wrote:
On Wed, Sep 12, 2001 at 08:12:39AM -0700, Michael Sierchio wrote:
Clayton Haapala wrote:
Why not encrypt the Certificate key, prior to splitting it
Encrypt the public key? Does not
[EMAIL PROTECTED] wrote:
According to Bruce Schnieders [sic] ...
I wish people wouldn't cite Schneier as if he were the author of anything
in that book but Blowfish...
...Any data padded with a truly random key generates truly random cipher text. There
are NO patterns in the cipher text.
matt wrote:
Use dd(1). Say the key is 1000B:
$ dd if=key.file of=key.file.1 bs=300 count=1
$ dd if=key.file of=key.file.2 bs=300 skip=1 count=1
$ dd if=key.file of=key.file.3 bs=300 skip=2
This reveals key bits to the holders, however. Using
a K-of-N threshold scheme, or even a simple
On Wed, Sep 12, 2001 at 06:06:45AM -0700, Michael Sierchio wrote:
matt wrote:
Use dd(1). Say the key is 1000B:
$ dd if=key.file of=key.file.1 bs=300 count=1
$ dd if=key.file of=key.file.2 bs=300 skip=1 count=1
$ dd if=key.file of=key.file.3 bs=300 skip=2
This reveals key bits
Clayton Haapala wrote:
Why not encrypt the Certificate key, prior to splitting it
Encrypt the public key? Does not compute.
Encryption is also not the same as splitting -- splitting is one
way to ensure that more than N principals must act in concert to
sign something -- and that signature
Michael Sierchio [EMAIL PROTECTED] wrote:
matt wrote:
Use dd(1). Say the key is 1000B:
$ dd if=key.file of=key.file.1 bs=300 count=1
$ dd if=key.file of=key.file.2 bs=300 skip=1 count=1
$ dd if=key.file of=key.file.3 bs=300 skip=2
This reveals key bits to the holders, however.
On Wed, Sep 12, 2001 at 08:12:39AM -0700, Michael Sierchio wrote:
Clayton Haapala wrote:
Why not encrypt the Certificate key, prior to splitting it
Encrypt the public key? Does not compute.
I wrote a bit more than THAT -- I said to use a separate public key
to encrypt (protect) the
Stefan Bellon wrote:
For this, you may want to take a look at http://www.erikyyy.de/multikey/
Right, that's one possible solution. Another is to use an algebraic
threshold scheme. For example, you can support M-of-N threshold schemes
with 2 = M = N with N up to 15 if you compute over GF(2^4)
10 matches
Mail list logo