Re: Was: POISON PILL

[smb@research.att.com]

	 According to gtoal@gtoal.com:

	 > :4) if you are really paranoid, Shamir share the keys;

	 Please explain this to me.  What is "Shamir?"

The reference is to the following paper:

@article{sharesecret,
   author = {Adi Shamir},
   journal = {Communications of the ACM},
   number = {11},
   pages = {612--613},
   title = {How to Share a Secret},
   volume = {22},
   year = {1979}
}

More generally, see the article on shared control systems:

@incollection{Simmons92,
        author = {Gustavus J. Simmons},
        title = {An Introduction to Shared Secret and/or Shared Control Schemes
and Their Application},
        booktitle = {Contemporary Cryptology:  The Science of Information Integr
ity},
        year = 1992,
        pages = {441--497},
        editor = {Gustavus J. Simmons},
        publisher = {{IEEE} Press}
}

I'm especially fond of this article:


@article{sealing,
   author = {David K. Gifford},
   journal = {Communications of the ACM},
   number = {4},
   pages = {274--286},
   title = {Cryptographic Sealing for Information Secrecy and Authentication},
   volume = {25},
   year = {1982}
}

since it shows how to implement a variety of access mechanisms,
including key-AND, key-OR, m-of-n, etc.
	
	 > :6) periodically send messages to the boxes where you have stashed
	 > :your files, saying "Everything is still cool, don't wipe my files
	 > :or my keys.";

Folks who contemplate such schemes should investigate the false alarm
rate.  Most automated systems experience a much higher rate of false
triggers than true.  Of course, as described here, you'd only get one,
since your data would be gone after that...