News
What happens to your crypto-secrets after you die?
My latest Guardian column, "When I'm dead, how will my loved ones break my password?" describes the process my wife and I went through when we drew up our wills and realized that our encrypted hard-drives and our network passwords would go with us if we died or were incapacitated, and how important it was for us to have a secure, long-term solution for decrypting our data if we croak.
I don't want to simply hand the passphrase over to my wife, or my lawyer. Partly that's because the secrecy of a passphrase known only to one person and never written down is vastly superior to the secrecy of a passphrase that has been written down and stored in more than one place. Further, many countries's laws make it difficult or impossible for a court to order you to turn over your keys; once the passphrase is known by a third party, its security from legal attack is greatly undermined, as the law generally protects your knowledge of someone else's keys to a lesser extent than it protects your own.
I discarded any solution based on putting my keys in trust with a service that sends out an email unless you tell it not to every week – these "dead man's switch" services are far less deserving of my trust than, say, my wife or my solicitor.
I rejected a safe-deposit box because of all the horror stories I've heard of banks that refuse to allow access to boxes until the will is probated, and the data necessary to probate the will is in the box.
I pondered using something called Shamir's Secret Sharing Scheme (SSSS), a fiendishly clever crypto scheme that allows you to split a key into several pieces, in such a way that only a few of those pieces are needed to unlock the data. For example, you might split the key into 10 pieces and give them to 10 people such that any five of them can pool their pieces and gain access to your crypto-protected data. But I rejected this, too – too complicated to explain to civilians, and what's more, if the key could be recovered by five people getting together, I now had to trust that no five out of 10 people would act in concert against me. And I'd have to keep track of those 10 people for the rest of my life, ensuring that the key is always in a position to be recovered. Too many moving parts – literally.
When I'm dead, how will my loved ones break my password?
6 Responses to “What happens to your crypto-secrets after you die?”
Leave a Reply
ISBN: 1600101720
ISBN: 1560259817
ISBN: 0765312786
ISBN: 0765307596
ISBN: 1568582862
ISBN: 076530953X
Cory Doctorow’s craphound.com is proudly powered by WordPress
Entries (RSS) and Comments (RSS).
You are viewing a mobilized version of this site...
View original page here
...and of course, I need to read the actual post before commenting.
Break the key into seven parts, giving each part to alternate-reality game creators, such as Jordan Weisman, each in a different country.
The one that creates the last-but-one ARG solved gets a significant monetary reward. (The penultimate solution is so that they aren't all just impossible to solve.)
So, how did you finally solve this puzzle?
What about encrypting your keys with keys for your lawyer/wife, and lodging those with a dead-man-switch service?
Hi Cory,
You write that "even the critical-files backup I keep on Amazon S3's remote storage facility is guarded by industrial-strength crypto, so I'm immune from someone raiding Amazon's servers".
Are you using the S3 dev service directly or using a commercial service based on it? Are you encrypting manually at your end or using an app for easy uploading?
I'm looking for a secure 'cloud' (ugh, I hate that term!) solution and would love to know how you solved this.
TIA.
[...] enjoyed Cory Doctorow’s column in the Guardian this week: When I’m dead, how will my loved ones break my password? [...]