Multi Eyepairs Only - GPG
Ciphering a file for N people, but only M of them are required to decipher it. N and M can be chosen at ciphering time. It requires a properly configured GnuPG.
Usage - encrypt
I want to cipher the file
important.txt, for 5 of my friends, but
3 of them have to use their private keys, to decipher the document:
$ meogpg -m 3 -r friend1 -r friend2 -r friend3 -r friend4 -r friend5 \ < important.txt > ciphered.tar
Usage - decrypt
ciphered.tar above contains files like this:
M0 M1 M2 M3 M4 P
The M files contain ciphered keys for every user, in plain text. The P file
contains the original
important.txt contents, ciphered with a
symmetric key combination of those inside the M files.
ciphered.tar, each user should attempt to decrypt
the M-files. Only one of them will be for each friend. These decrypted text
files have to be concatenated together, and written to a file
keys.txt. Notice that the contents of 3 M-files
are enough. Less would not be enough.
$ meogpg -d keys.txt < P > unciphered.txt
Then you have the original
important.txt contents, if all went right.
How does it work
A bunch of symmetric keys are generated. The XOR of all those keys is the symmetric key to cipher the file.
Each user is given a part of those symmetric keys taking part on the XOR, ciphered through asymmetric encryption for each one. Each user has access to so much keys as required, to fulfill the original requirement: N recipients - M minimum to access the ciphered data.
-v will output all keys and intermediate
data to stderr.
Trunk source: meogpg-trunk.tar.gz
Download the go toolkit, and in the directory of the code, run:
nix-build && nix-env -i ./result
Author: Lluís Batlle i Rossell <firstname.lastname@example.org> (remove any xa)
Based on the MEO work from Peter Stamfest, I implemented the same approach but based on GnuPG instead of X.509, PKCS#11 and PKCS#12.
My friends happen to be closer to GnuPG than to those other technologies.
Instead of using the same file format as in the MEO paper and implementation, I use a simpler approach of a TAR file. I didn't look at the code of Peter Stamfest to develop meogpg; out of the main calculations already described in the paper, both programs take a different enough implementation.