securely backing up gpg private keys.. to the cloud‽
Joey Hess
http://linux.conf.au/schedule/presentation/152/
Imagine a world in which gpg was not hard to use, and was used widely. Users exchange encrypted email, gpg sign comments on websites, make encrypted backups, and so on.
What happens, in that world, when a user's gpg private key gets deleted? The only backup is encrypted with the lost private key. Catch 22.
We're not in that world, and so we don't often worry about this problem. Unless we've lost gpg key ourselves. But solving the gpg key backup problem seems a necessary step in the path toward that world.
Most ways to back up gpg private keys require physical security, like a safe to keep the key in, and often cumbersome backup and restore procedures.
Keysafe makes backup and restore easy, by backing the private key up to the cloud. It necessarily trades off some security to do so, but manages to make it very expensive to compromise its backups. I'll explain how Argon2, Shamir Secret Sharing, relatively weak passwords, and AES decryption puzzles are combined in keysafe to accomplish this.
Видео securely backing up gpg private keys.. to the cloud‽ канала linux conf au 2017 - Hobart, Australia
http://linux.conf.au/schedule/presentation/152/
Imagine a world in which gpg was not hard to use, and was used widely. Users exchange encrypted email, gpg sign comments on websites, make encrypted backups, and so on.
What happens, in that world, when a user's gpg private key gets deleted? The only backup is encrypted with the lost private key. Catch 22.
We're not in that world, and so we don't often worry about this problem. Unless we've lost gpg key ourselves. But solving the gpg key backup problem seems a necessary step in the path toward that world.
Most ways to back up gpg private keys require physical security, like a safe to keep the key in, and often cumbersome backup and restore procedures.
Keysafe makes backup and restore easy, by backing the private key up to the cloud. It necessarily trades off some security to do so, but manages to make it very expensive to compromise its backups. I'll explain how Argon2, Shamir Secret Sharing, relatively weak passwords, and AES decryption puzzles are combined in keysafe to accomplish this.
Видео securely backing up gpg private keys.. to the cloud‽ канала linux conf au 2017 - Hobart, Australia
Показать
Комментарии отсутствуют
Информация о видео
19 января 2017 г. 17:45:28
00:30:35
Другие видео канала
Helping Caterpillars FlyLightning TalksODF: Great standard, but what works?Preventing Deserialization attacks in Java applicationsOrganizational Change: Challenges in shipping open source firmwareListening to the Needs of Your Global Open Source CommunityA guide to selecting FOSS licences for programmers and open culture enthusiastsLinux-Kernel Memory Ordering: Help Arrives At Last!CuriosityKilledThe.cat@fastmail.comOpen Compute Project down underSurviving the Next 30 Years of Free SoftwareIoTuz software design challenges and ESP-IDF (Iot Development Framework)Advances in CPU Frequency ManagementThe dangerous, exquisite art of safely handing user-uploaded filesDrink from the firehose: release-monitoring.orgPushing on a Piece of String - OSIAs adventures in influencing governmentsChaosKey To ProductionProgress in the Alliance for Open MediaReusable R for automation, small area estimation and legacy systemsWriting less, saying more: UX lessons from the small screenCommunity Building Beyond the Black Stump