[messaging] Password reset mechanisms with an SRP authentication framework

Michael Rogers michael at briarproject.org
Tue Apr 22 12:11:39 PDT 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 22/04/14 19:47, Trevor Perrin wrote:
>> * The friends don't have enough shares to reconstruct the key
>> even if they collude
> 
> They do, if n-2 >= k.

Doh, sorry, I tried to generalise this from k=4, n=5 and failed. :0)
The user should keep n-k+1 shares on her device.

> I would assume you know your friends' public keys, do a k-of-n
> share of a symmetric key used to encrypt the backup data, then
> encrypt each share under one of the public keys.  Then store all
> ciphertext in a backup file you widely distribute (containing both
> the encrypted shares and encrypted backup data).
> 
> The nice thing about this is you can use your friends for backup 
> without ever contacting them, except in the event of recovery.

Nice!

Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBCAAGBQJTVr7rAAoJEBEET9GfxSfMGMMH/0w+iZFSopxiFXu3UBPiaGJj
CvTkGrxXYwT7Zrg/t60fOxIZkHoTGDdxtTdqITcgs90ud0YM+kk6DDs03PZtMr7b
FdT8b3BlOhyz11cZtXV99DL49TICmG8NWP+iT5wMdEMa7nauP+hLcF8KFLDhnDvR
e5g9RVFcxH+Kiva5kif6eXAzEgZiqSF8bpnsig6Svv/FbVBxbMgMRalc4htnj+Yv
7kJWsJ5P9Bof5Y+10UxcQgxZHDxRI0Fmarcsvu6HZvxj5fgpEMGgVzpJ/9fu2Cih
HQ5q9zwtVAvx/X7DKeJEaEGaBgS6gYXmPVAzWk6onRa19gOsUm+s6C9/4mMKQOo=
=AbMs
-----END PGP SIGNATURE-----


More information about the Messaging mailing list