[Cialug] dual passphrase encryption

Matthew Nuzum newz at bearfruit.org
Fri Dec 7 23:17:25 CST 2007


On Dec 7, 2007 10:21 PM, Colin Burnett <cmlburnett at gmail.com> wrote:

> On Dec 7, 2007 10:05 PM, Jeffrey Ollie <jeff at ocjtech.us> wrote:
> >
> > Well, if the webserver has a copy of all of the private keys there
> > wasn't much point to the exercise other than wasting CPU cycles.
>
> The server has a copy of all keys but no copy of the passphrases, thus
> you have secrecy.  The key relationship enforces that A can only talk
> to B and B can only talk to A.  Unless I'm misunderstanding Matthew:
> this accomplishes what he wants.  Specifically:
>
> "Ideally, the passphrase that encrypts something is unable to decrypt
> it.  The goal is to create a web application that can store a secret
> message. Someone types a message, the server encrypts it and one of
> two people can decrypt it."
>
> I guess I don't fully understand his (read: his friend) overall
> intentions.  A tricky point when it comes to encryption.
>

The server sends out reports when people make donations. The information is
considered very private. It's sent after a transaction so that the data
doesn't need to be stored on the server. Right now most of the people
successfully get the reports via gpg. I guess it's becoming a problem with
people who are upgrading their computers. They can't re-install WinPT and
GnuPG. The thought is that it'd be nice to store the data on the server in a
way that can't be decrypted. Then a person could come to a web page with a
simple UI and enter some password to decrypt the data.

The point about the insecurity of sending the password to the server to
decrypt the data being a bad idea is well taken. Unless there's a decryption
routine written entirely in JavaScript, then there may not be any solution to
that. :-(

-- 
Matthew Nuzum
newz2000 on freenode
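
Added example, not part of the original message or of any code from the thread: a sketch of the design discussed above using the Web Crypto API, where the server encrypts a report for two recipients with their public keys and each private key is stored only wrapped under a passphrase that stays in the browser. The function names, the record layout, RSA-OAEP/AES-GCM and the PBKDF2 iteration count are all assumptions made for the illustration.

```javascript
// Added example. Runs in a browser or in Node; all names here are hypothetical.
const enc = new TextEncoder(), dec = new TextDecoder();
const OAEP = { name: 'RSA-OAEP', hash: 'SHA-256' };

// Web Crypto is a global in browsers and recent Node; older Node has it on node:crypto.
async function wc() {
  return globalThis.crypto ?? (await import('node:crypto')).webcrypto;
}
// Passphrase -> AES-GCM key used only to wrap/unwrap the private key (iteration count assumed).
async function passphraseKey(c, passphrase, salt) {
  const base = await c.subtle.importKey('raw', enc.encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return c.subtle.deriveKey({ name: 'PBKDF2', salt, iterations: 600000, hash: 'SHA-256' },
    base, { name: 'AES-GCM', length: 256 }, false, ['wrapKey', 'unwrapKey']);
}
// Recipient's browser, once: the returned record is all the server stores.
async function enroll(passphrase) {
  const c = await wc();
  const pair = await c.subtle.generateKey(
    { ...OAEP, modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]) },
    true, ['wrapKey', 'unwrapKey']);
  const salt = c.getRandomValues(new Uint8Array(16)), iv = c.getRandomValues(new Uint8Array(12));
  const wrappedPriv = await c.subtle.wrapKey('pkcs8', pair.privateKey,
    await passphraseKey(c, passphrase, salt), { name: 'AES-GCM', iv });
  return { pub: await c.subtle.exportKey('spki', pair.publicKey), wrappedPriv, salt, iv };
}
// Server: one random data key encrypts the report and is wrapped once per recipient.
// Only public keys are used; the server never sees a passphrase.
async function seal(records, text) {
  const c = await wc();
  const dataKey = await c.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt']);
  const iv = c.getRandomValues(new Uint8Array(12));
  const body = await c.subtle.encrypt({ name: 'AES-GCM', iv }, dataKey, enc.encode(text));
  const wrappedKeys = [];
  for (const r of records) {
    const pub = await c.subtle.importKey('spki', r.pub, OAEP, false, ['wrapKey']);
    wrappedKeys.push(await c.subtle.wrapKey('raw', dataKey, pub, { name: 'RSA-OAEP' }));
  }
  return { iv, body, wrappedKeys };
}
// Recipient i's browser: passphrase -> private key -> data key -> plaintext.
// A wrong passphrase fails the AES-GCM tag check and the promise rejects.
async function unseal(record, sealed, i, passphrase) {
  const c = await wc();
  const priv = await c.subtle.unwrapKey('pkcs8', record.wrappedPriv,
    await passphraseKey(c, passphrase, record.salt), { name: 'AES-GCM', iv: record.iv },
    OAEP, false, ['unwrapKey']);
  const dataKey = await c.subtle.unwrapKey('raw', sealed.wrappedKeys[i], priv,
    { name: 'RSA-OAEP' }, 'AES-GCM', false, ['decrypt']);
  return dec.decode(await c.subtle.decrypt({ name: 'AES-GCM', iv: sealed.iv }, dataKey, sealed.body));
}
```

The stored record still allows offline guessing of a weak passphrase, and the recipient's browser trusts whatever script the server delivers, so this narrows the exposure rather than removing the server from the trust boundary.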