[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Tarsnap feature request: storing encrypted keys



I don't really trust CDs or USB keys as a long-term storage medium,
and tarsnap keys are kind of long (~5kB).  So here's a feature
request: let me upload a possibly encrypted key file to tarsnap.com so
I can re-download it if necessary, presumably using only my account
password to authenticate.

To clarify, here's a concrete proposal:

$ tarsnap-upload-key keyfile.key

This will generate a random 128-bit key, encrypt the key file against
that key, and send the result to tarsnap.com (i.e. somewhere in
AWS-land).  It will then display that key in some nice form (base64
with no I, l, or 1, for example), so I can print a few copies on
paper.  Then I can stick those pieces of paper somewhere safe.

There are plenty of elaborations possible.  For example, tarsnap.com
could refuse to let me download the encrypted key unless I can prove I
know the key-wrapping key (e.g. by presenting some hash of the key,
where that hash is stored along with the key).  There could also be a
tool that implements basic secret-sharing on the wrapping key, so I
could require, say, 2 out of 5 pieces of paper to recover the key.

Thoughts?  This requires some server-side help to work.

--Andy