[messaging] Password reset mechanisms with an SRP authentication framework
Trevor Perrin
trevp at trevp.net
Tue Apr 22 12:41:30 PDT 2014
On Tue, Apr 22, 2014 at 12:11 PM, Michael Rogers
<michael at briarproject.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 22/04/14 19:47, Trevor Perrin wrote:
>>> * The friends don't have enough shares to reconstruct the key
>>> even if they collude
>>
>> They do, if n-2 >= k.
>
> Doh, sorry, I tried to generalise this from k=4, n=5 and failed. :0)
> The user should keep n-k+1 shares on her device.
Still doesn't seem right. I think you're trying to accomplish:
(a) The user has a key which is required for recovery
(b) A quorum of friends is also required for recovery
I think this is better implemented by setting the final key to an XOR
of the keys recovered from (a) and (b).
Trevor
More information about the Messaging
mailing list