Re: Tarsnap feature request: storing encrypted keys
On 09/24/12 16:59, Andy Lutomirski wrote:
> I don't really trust CDs or USB keys as a long-term storage medium,
This is why I made Tarsnap keys printable -- of course, printers bring
some security concerns and paper has its own durability issues too.
> and tarsnap keys are kind of long (~5kB). So here's a feature
> request: let me upload a possibly encrypted key file to tarsnap.com so
> I can re-download it if necessary, presumably using only my account
> password to authenticate.
This is something I've wondered about doing for a while; I'd prefer that
people not use such a feature, but I can certainly imagine it making life
easier for some people.
> To clarify, here's a concrete proposal:
>
> $ tarsnap-upload-key keyfile.key
>
> This will generate a random 128-bit key, encrypt the key file against
> that key, and send the result to tarsnap.com (i.e. somewhere in
> AWS-land). It will then display that key in some nice form (base64
> with no I, l, or 1, for example), so I can print a few copies on
> paper. Then I can stick those pieces of paper somewhere safe.
Is having that utility generate a decryption key for you better than just
using the (already existing) functionality for passphrase-protected key
files? (One obvious advantage is that there's no way for someone to pick
a poor passphrase if an encryption key is generated by the utility, I
suppose.)
My idea was that if I did this I wouldn't add any extra encryption but
have the utility refuse to upload a key file which wasn't passphrased.
> There are plenty of elaborations possible. For example, tarsnap.com
> could refuse to let me download the encrypted key unless I can prove I
> know the key-wrapping key (e.g. by presenting some hash of the key,
> where that hash is stored along with the key). There could also be a
> tool that implements basic secret-sharing on the wrapping key, so I
> could require, say, 2 out of 5 pieces of paper to recover the key.
>
> Thoughts? This requires some server-side help to work.
This is certainly something which I could add (and as I mentioned above
have thought about before). I'd be interested in hearing from anyone else
on the list who would like to see this functionality.
--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid
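The key-wrapping scheme proposed above (random 128-bit key, key file encrypted under it, key printed in a base64-like alphabet with the confusable glyphs removed, optional hash of the key held by the server as a download check), sketched as an added example in Go. This is not Tarsnap code and not Colin's or Andy's; it assumes AES-128-GCM as the wrapping cipher, an alphabet that also drops O and 0 beyond the I/l/1 the proposal names, and a plain SHA-256 of the wrapping key as the server-side proof (adequate only because the key is random, not user-chosen). The upload itself and the secret-sharing elaboration are left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
	"strings"
)

// Printed-key glyphs: the proposal's "base64 without I, l or 1", here also without
// O and 0. 57 symbols, so 22 of them cover a 128-bit key (57^22 > 2^128).
const printAlphabet = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789"
const wrappingKeyBytes, printedDigits = 16, 22

// EncodeKey renders the key as exactly 22 symbols; the fixed length keeps
// leading zero bytes, which a plain base conversion would drop.
func EncodeKey(key []byte) string {
	base := big.NewInt(int64(len(printAlphabet)))
	n, rem := new(big.Int).SetBytes(key), new(big.Int)
	digits := make([]byte, printedDigits)
	for i := printedDigits - 1; i >= 0; i-- {
		n.DivMod(n, base, rem)
		digits[i] = printAlphabet[rem.Int64()]
	}
	return string(digits)
}

// DecodeKey parses the key typed back in from paper (hyphens and spaces ignored).
func DecodeKey(s string) ([]byte, error) {
	cleaned := strings.NewReplacer("-", "", " ", "").Replace(s)
	if len(cleaned) != printedDigits {
		return nil, fmt.Errorf("expected %d symbols, got %d", printedDigits, len(cleaned))
	}
	base, n := big.NewInt(int64(len(printAlphabet))), new(big.Int)
	for _, r := range cleaned {
		idx := strings.IndexRune(printAlphabet, r)
		if idx < 0 {
			return nil, fmt.Errorf("invalid symbol %q in printed key", r)
		}
		n.Mul(n, base).Add(n, big.NewInt(int64(idx)))
	}
	if n.BitLen() > 8*wrappingKeyBytes {
		return nil, fmt.Errorf("printed key out of range")
	}
	return n.FillBytes(make([]byte, wrappingKeyBytes)), nil
}

func newAEAD(wrappingKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(wrappingKey) // a 16-byte key selects AES-128
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// WrapKeyFile draws a fresh random 128-bit wrapping key and encrypts the key file
// under it. The blob is nonce || ciphertext || tag, so tampering is detected on unwrap.
func WrapKeyFile(keyFile []byte) (wrappingKey, blob []byte, err error) {
	wrappingKey = make([]byte, wrappingKeyBytes)
	if _, err = rand.Read(wrappingKey); err != nil {
		return nil, nil, err
	}
	aead, err := newAEAD(wrappingKey)
	if err != nil {
		return nil, nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return wrappingKey, aead.Seal(nonce, nonce, keyFile, nil), nil
}

// UnwrapKeyFile reverses WrapKeyFile; a wrong key or a modified blob errors out.
func UnwrapKeyFile(wrappingKey, blob []byte) ([]byte, error) {
	aead, err := newAEAD(wrappingKey)
	if err != nil || len(blob) < aead.NonceSize() {
		return nil, fmt.Errorf("bad wrapping key or blob too short")
	}
	return aead.Open(nil, blob[:aead.NonceSize()], blob[aead.NonceSize():], nil)
}

// KeyProof is the hash the server could store beside the blob and demand before a
// download. SHA-256 suffices only because the key is 128 random bits, not a passphrase.
func KeyProof(wrappingKey []byte) string {
	return fmt.Sprintf("%x", sha256.Sum256(wrappingKey))
}

func main() {
	keyFile := []byte("constructed sample, not a real tarsnap key file\n") // stand-in for the ~5 kB real one
	wk, blob, _ := WrapKeyFile(keyFile)
	fmt.Println("print this and keep it safe:", EncodeKey(wk), "| server stores blob and proof", KeyProof(wk))
	typed, _ := DecodeKey(EncodeKey(wk)) // the user later types the printed key back in
	plain, err := UnwrapKeyFile(typed, blob)
	fmt.Println("recovered:", err == nil && string(plain) == string(keyFile))
}
```

The fixed-length encoding matters more than it looks: a naive "encode the big integer" step silently drops leading zero bytes, and a key that prints fine but decodes to the wrong length is exactly the failure you only discover at restore time. The GCM tag means a blob corrupted or altered in storage refuses to unwrap rather than yielding a garbage key file.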