[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: keeping secrets and knowing when they're compromised





> > I also want to know, if I'm still around, when and if those documents
> > are decrypted.  I.e. In the event that my friend isn't as trustworthy
> > as I presume, I want to find out if s/he decrypts the files while I'm
> > still around.

There is a solution, a simple one, that can split the repsonsibility.

Encrypt the documents with a normal symmetric cryptosystem, something 
strong and unlikely to be compromised in the near future, say LOKI or 
IDEA, or maybe 3DES if you trust it.

XOR the key with a random value, give the result to your friend and print 
out the random value, sign it and give it to a bank or solicitor as a 
bequest in your will to your friend.

If and when something does happen the friend proves your death to the 
bank using probate or a death certificate, gets the random value, XORs it 
with the string you gave her and she has the key. She can then easily 
decrypt the data. 

Yes, it does involve a third party, but it is unlikely your friend could 
collude with a respected bank or solicitor/notary to recover the key...
Really all depends how paranoid you are.

        Datacomms Technologies data security
       Paul Bradley, [email protected]
  [email protected], [email protected]    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: FC76DA85
     "Don`t forget to mount a scratch monkey"