[Cialug] dual passphrase encryption

Colin Burnett cmlburnett at gmail.com
Fri Dec 7 21:55:02 CST 2007


On Dec 7, 2007 9:32 PM, Matthew Nuzum <newz at bearfruit.org> wrote:
>
> Ideally, the passphrase that encrypts something is unable to decrypt it.

The only thing that comes to mind is public/private keys.  In fact,
that's exactly the purpose of them.  Nothing says you have to make the
public key, well, public.  :)

The web site would have to be able to generate a new pair for each
message (or whatever) and the secret passphrases would be what people
enter in to decrypt the keys (same deal as storing private keys
encrypted on disk).  In other words, the keys are the policy that
enforces only B can read A's messages and vice versa; and the
passphrases are to establish who is A and who is B.  As for
distributing passphrases: *shrug*.

The web site would be responsible for generating the key pair, storing
the keys, and setting passphrases on each key "on disk".

Other than using public/private keys...I have no idea.


Colin
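
Added example, not part of the original message: a Node.js sketch of the layout described above, with a fresh RSA pair per message and each half stored under a different passphrase. The function names, the blob layout and the choice of scrypt, AES-256-GCM and RSA-OAEP are assumptions made for this illustration.

```javascript
const crypto = require('node:crypto');

// Passphrase wrap: scrypt derives the key, AES-256-GCM authenticates the blob.
// Layout: salt(16) | iv(12) | tag(16) | ciphertext
function seal(passphrase, data) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', crypto.scryptSync(passphrase, salt, 32), iv);
  const ct = Buffer.concat([c.update(data), c.final()]);
  return Buffer.concat([salt, iv, c.getAuthTag(), ct]);
}

function unseal(passphrase, blob) {
  const key = crypto.scryptSync(passphrase, blob.subarray(0, 16), 32);
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(16, 28));
  d.setAuthTag(blob.subarray(28, 44));
  return Buffer.concat([d.update(blob.subarray(44)), d.final()]); // throws on a wrong passphrase
}

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Site side: one fresh pair per message, each half stored under its own passphrase.
function createSlot(writerPass, readerPass) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
  return { pub: seal(writerPass, Buffer.from(publicKey)),
           priv: seal(readerPass, Buffer.from(privateKey)) };
}

// The writer's passphrase only ever unlocks the public half.
// RSA-OAEP (2048-bit, SHA-256) holds at most 190 bytes; longer text needs a hybrid scheme.
function writeMessage(slot, writerPass, text) {
  const key = unseal(writerPass, slot.pub).toString();
  return crypto.publicEncrypt({ key, ...OAEP }, Buffer.from(text, 'utf8'));
}

function readMessage(slot, readerPass, ciphertext) {
  const key = unseal(readerPass, slot.priv).toString();
  return crypto.privateDecrypt({ key, ...OAEP }, ciphertext).toString('utf8');
}
```

Calling `readMessage` with the writer's passphrase fails at the GCM tag check, so the passphrase that encrypts cannot decrypt; the site still handles both passphrases and the plaintext while it runs.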

