[6858] in cryptography@c2.net mail archive
RE: secret-sharing code
daemon@ATHENA.MIT.EDU (Salzman, Noah)
Wed Mar 29 09:37:33 2000
Message-ID: <0DA2A15FEE96D31187AA009027AA6A72CE8B09@ca-exchange1.nai.com>
From: "Salzman, Noah" <Noah_Salzman@NAI.com>
To: cryptography@c2.net
Date: Tue, 28 Mar 2000 20:45:19 -0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
[already sent this to Steve... but forgot to include the list]
Steve,
Do you mean like the Blakley-Shamir key-splitting that we do in PGP? The
source code for this is in 6.5.1 from www.pgpi.com.
(We break up the passphrase of a private key into n shares, and then share
holders can get a portion of the n shares, where the share files are either
symmetrically encrypted or encrypted using a pre-existing public key. You
can then reconstitute the key -- for decrypting or signing -- either by
sneaker-net or by our built in TLS key reconstitution feature.)
Noah Salzman
noah@pgp.com
PGP QA Manager
408.346.5186
-----Original Message-----
From: Steve Bellovin [mailto:smb@research.att.com]
Sent: Tuesday, March 28, 2000 7:53 PM
To: cryptography@c2.net
Subject: secret-sharing code
Are there any freely-available secret-sharing packages around?
Specifically,
I need to be able to set up modestly complex policies to protect a sensitive
signature key.
While source code would be best, I'd also be interested in smart card-based
products.
--Steve Bellovin
