[HacktionLab] Electronic sealed envelope system?

penguin penguin at riseup.net
Sat Nov 3 15:04:47 UTC 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Brent

I don't know of a technical solution. The only thing I can think of is
to break the passphrase into a number of smaller components and each
person only has one component. That way, at least several people
(except you, who will know the full thing) are needed to recreate the
full passphrase.

Not sure if I've explained this, so here's an example ...

You know the full thing: mypassphrase
Persons A & B know this: 1:mypa
Persons C & D know this: 2:ssph
Persons E & F know this: 3:rase

So (other than you) any person will need to contact 2 others to get
the full password. Obviously it's not 100% secure, and a major
potential downside is that all people that have a component of the
phrase need to know who the others are - so your 'enemy' may be able
to see your network of people. This is either of no consequence, or
massive, depending on your circumstances.

There's also more that one way to break a password:
https://xkcd.com/538/ ;-P


On 03/11/12 14:00, Brent wrote:
> Hi everyone
> 
> Quick question, in case anyone has ideas..
> 
> I need to selectively share a master password with a group. They
> won't need it usually, but more than just me should know it or at
> least have access to it.
> 
> Assuming people won't manage to remember it, and won't get heads
> around encrypted files or emails. Don't want to email in plain
> text.
> 
> So, is there a kind of electronic 'sealed envelope' system, where
> if the envelope (with password) is opened, others get a
> notification of the seal being broken and can then check if this is
> ok...
> 
> Hope that makes sense
> 
> 
> Luv Brent, list lurker
> 
> 
> 
> 
> _______________________________________________ HacktionLab mailing
> list HacktionLab at lists.aktivix.org 
> https://lists.aktivix.org/mailman/listinfo/hacktionlab
> 

- -- 
penguin

GPG key: http://tiny.cc/gpg-key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBCAAGBQJQlTKPAAoJEJZb6mLZ7ehDmjAP/2M6gqY1T64zGYPx9XVE+AYk
bloQaEtQ5QSsPk6hv0HE6idKIqlExI0kMi9CqsS9NzWc9Q5HlPOLK/dQAGNqRvEE
vDX0F6jJdM57dkrj/ps02JkMoR6F7POU/uuRc+0i3f5IZdM4Kj6Zwjlx++bUau3T
UCMaJAfIC2K9d27JvzoHc/xbexOYPwxFoA75LfFf2coH0OSAWoc1r/TIZpOtwyqi
MVKT5qJP/5X9ajDjc7rLfsF7NH8ugJvhjo7Ofr6qXcbfOr3XQunWdLbm5mkSfY5S
cw7UEt6yHZcbp1Jl7cJXfTQyZCOcvaHsyC3oUhJU+912OLkmolnr89Ys7+p8WDEv
WqLv6/0rF7Ff4skhLBkKlbbRce3YkrDBvKyKcvpPocKpdsXDTJxbG2Tby/cAoBIo
P0C0uLqcVBN4+pL+X51iICooPADjOGTFgCuIkF76JXL88ThhGhwDZUee9tT5AkT3
ysBXRi6DtoV2F4YmajHcPjOYaaXpfdChmMtFtP7MFxnb4eizIXcG4ctwQTM+KZAy
HGJHrzvGNLm0D0IPpqPnIsdorepXy9FFyVrIyj6irnw46rgaxU3CNHJjfrsC6Svs
mz+3kyoFTlvUeunf1y57Eqxx9ThNaD6vAU/Tt8UaeUzm/kI4sGoOaYq/FM+dYCCl
6oizAOfSSTX/jGLAH7iE
=+ULv
-----END PGP SIGNATURE-----

More information about the HacktionLab mailing list