25
submitted 4 months ago* (last edited 4 months ago) by jeffhykin@lemm.ee to c/privacy@lemmy.ml

I'm asking for existing tools/systems that let me programmatically say: "here is my public key, BUT if each of these 5 other public keys all send a signed message saying that my public key has been compromised, then you should mark my public key as compromised, and use the new one they provide". (This is not for a particular task, I'm just curious if any existing auth systems are capable of this)

I call the idea "guardian keys" because it could be friends' public keys or or just more-securely-stored less-frequently-used keys that you control.

NOTE: I know this would not work for data encryption. Encrypted data is simply gone if a key is lost. But, for proving an identity, like a login, there could be a system like this but I don't know of any

you are viewing a single comment's thread
view the rest of the comments
[-] rezifon@lemmy.world 2 points 4 months ago

You could generate a revocation key and then encrypt for multiple people using Shamir’s secret sharing.

https://en.wikipedia.org/wiki/Shamir's_secret_sharing

Look into ssss and gfshare, the latter explicitly discusses this use of the algorithm.

https://manpages.ubuntu.com/manpages/noble/en/man7/gfshare.7.html

this post was submitted on 08 Jul 2024
25 points (100.0% liked)

Privacy

31995 readers
1305 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS