[ILUG] gpg question...
kevin lyda
kevin at suberic.net
Tue May 22 14:16:02 IST 2001
let's say you have a group of people that will have public key encrypted
files sent to them. at any point you want to make sure that any *two*
of those people can unlock a private key to decrypt those files.
now if i relax the requirement a bit and say that just one person can
decrypt, then the following three solutions apply:
1) the sender encrypts with all the public keys of the recipients.
this is not as inefficent as it sounds, however it will *only*
work for the situation where a single person can do the decrypt.
2) a shared key. simple for the sender, however it can only work if
either one person can decrypt or every person is required to
decrypt.
3) a split key. a key pair is generated and then the private key
is split into several parts. depending on how it was configured
at the time of the split, a certain number of pieces are required
to have a full key. pgp supports this (or at least i seem to
recall reading about it - but i think it was only for windows
and only in the professional version). does gpg?
obviously #3 is the one i'm interested in because it combines the ease
of use for the sender for number 2, and a level of security beyond #1
(which is again beyond #2).
btw, this is linux related. i'm sure the group of people know who they
are, and i'm sure they'd appreciate any help people here might be able
to offer in order to avoid a windows based solution.
kevin
--
kevin at suberic.net "Maybe one day downtrodden poo-eaters will
fork()'ed on 37058400 get a fair shake in Savage Love, but it's
meatspace place: work not going to be today."
http://suberic.net/~kevin --dan savage, "savage love"
More information about the ILUG
mailing list