A System for Handling 1 Compromised Key (lemm.ee)

submitted 1 month ago* (last edited 1 month ago) by jeffhykin@lemm.ee to c/privacy@lemmy.ml

11 comments fedilink hide all child comments

I'm asking for existing tools/systems that let me programmatically say: "here is my public key, BUT if each of these 5 other public keys all send a signed message saying that my public key has been compromised, then you should mark my public key as compromised, and use the new one they provide". (This is not for a particular task, I'm just curious if any existing auth systems are capable of this)

I call the idea "guardian keys" because it could be friends' public keys or or just more-securely-stored less-frequently-used keys that you control.

NOTE: I know this would not work for data encryption. Encrypted data is simply gone if a key is lost. But, for proving an identity, like a login, there could be a system like this but I don't know of any

top 11 comments

sorted by: hot top controversial new old

[-] OneCardboardBox 12 points 1 month ago

What you're looking for is a revocation key. You can generate one in GPG at the same time that you generate your identity key. The method of securing it is up to you. In your example, a simple way would be to encrypt it with the 5 sequential keys. Or you could break the revocation key up into K parts with Shamir's secret sharing algorithm.

This example assumes that you're using existing Web of Trust PKI to manage your public keys: https://stackoverflow.com/questions/59664526/how-the-correct-way-to-revoke-gpg-on-key-server#62644875

[-] jeffhykin@lemm.ee 3 points 1 month ago* (last edited 1 month ago)

Cool, this is exactly what I was hoping to learn but couldn't find. It sounds like its still a pretty manual process, but thats okay. If thats how it is righ now, then thats exactly what I want to know.

I'm considering making tools (GUI local app, but also website AUTH frontend/backend tooling) to try and make systems like this more commonplace and standardized. I didn't know about revocation keys, so I'm glad I heard about that before trying to build my own.

[-] rezifon@lemmy.world 2 points 1 month ago

You could generate a revocation key and then encrypt for multiple people using Shamir’s secret sharing.

https://en.wikipedia.org/wiki/Shamir's_secret_sharing

Look into ssss and gfshare, the latter explicitly discusses this use of the algorithm.

https://manpages.ubuntu.com/manpages/noble/en/man7/gfshare.7.html

[-] wildbus8979@sh.itjust.works 9 points 1 month ago* (last edited 1 month ago)

Sounds like you want GPG and the web of trust.

[-] just_another_person@lemmy.world 6 points 1 month ago

Your public key is public. It's in the name. There's no way it can be compromised, because it's meant to be disseminated publicly.

Am I missing something?

[-] jeffhykin@lemm.ee 2 points 1 month ago

Yeah, sorry I incrementally edited the title before posting and accidentally made it make no sense. I meant publicly announce that a private key was compromised

[-] just_another_person@lemmy.world 1 points 1 month ago

Got it. Well, mostly the same situation, in which you would only know if your key was compromised by finding it somewhere.

[-] Tangent5280@lemmy.world 2 points 1 month ago

You're missing the most obvious thing the OP might have meant.

I took it to mean the case when the public-private key pair has been compromised. Systems been hacked, someone looked over his shoulder when authorising himself etc etc.

So OP is just asking what happens if someone steals my private key, and I need to tell the rest of the world my Identity cannot be verified using this key pair anymore.

[-] jeffhykin@lemm.ee 1 points 1 month ago

Nailed it

[-] just_another_person@lemmy.world 0 points 1 month ago

Yeah, but that wasn't the post. Could have confused on what a public key was. Same question still applies though. If you know your private key was blown, you still need to manually clean up after it.

[-] makeasnek@lemmy.ml 2 points 1 month ago

Yes this exists. Multi-sig is also worth mentioning though it doesn't solve this problem in the way you're asking but it does eliminate the risk of total loss of security if a single key is compromised.

this post was submitted on 08 Jul 2024

25 points (100.0% liked)

Privacy

30644 readers

1822 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS