From: Paul Bradley <paul@fatmans.demon.co.uk>
Date: Wed, 18 Jun 1997 19:30:25 +0800
To: David Coe <dcoe@overlord.com>
Subject: Re: keeping secrets and knowing when they're compromised
In-Reply-To: <33A57FB8.662D1FCA@overlord.com>
Message-ID: <Pine.LNX.3.91.970617161005.787D-100000@fatmans.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain




> > I also want to know, if I'm still around, when and if those documents
> > are decrypted.  I.e. In the event that my friend isn't as trustworthy
> > as I presume, I want to find out if s/he decrypts the files while I'm
> > still around.

There is a solution, a simple one, that can split the repsonsibility.

Encrypt the documents with a normal symmetric cryptosystem, something 
strong and unlikely to be compromised in the near future, say LOKI or 
IDEA, or maybe 3DES if you trust it.

XOR the key with a random value, give the result to your friend and print 
out the random value, sign it and give it to a bank or solicitor as a 
bequest in your will to your friend.

If and when something does happen the friend proves your death to the 
bank using probate or a death certificate, gets the random value, XORs it 
with the string you gave her and she has the key. She can then easily 
decrypt the data. 

Yes, it does involve a third party, but it is unlikely your friend could 
collude with a respected bank or solicitor/notary to recover the key...
Really all depends how paranoid you are.

        Datacomms Technologies data security
       Paul Bradley, Paul@fatmans.demon.co.uk
  Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: FC76DA85
     "Don`t forget to mount a scratch monkey"