Someone Could Make Money on This

There's clearly a business model here for a multi-national legal partnership willing to provide this service at commodity prices.

Tales from the encrypt: the secrets of data protection | Technology | guardian.co.uk

But what if I were killed or incapacitated before I managed to hand the passphrase over to an executor or solicitor who could use them to unlock all this stuff that will be critical to winding down my affairs – or keeping them going, in the event that I'm incapacitated? I don't want to simply hand the passphrase over to my wife, or my lawyer. Partly that's because the secrecy of a passphrase known only to one person and never written down is vastly superior to the secrecy of a passphrase that has been written down and stored in more than one place. Further, many countries's laws make it difficult or impossible for a court to order you to turn over your keys; once the passphrase is known by a third party, its security from legal attack is greatly undermined, as the law generally protects your knowledge of someone else's keys to a lesser extent than it protects your own.

Finally, I hit on a simple solution: I'd split the passphrase in two, and give half of it to my wife, and the other half to my parents' lawyer in Toronto. The lawyer is out of reach of a British court order, and my wife's half of the passphrase is useless without the lawyer's half (and she's out of reach of a Canadian court order). If a situation arises that demands that my lawyer get his half to my wife, he can dictate it over the phone, or encrypt it with her public key and email it to her, or just fly to London and give it to her.

As simple as this solution is, it leaves a few loose ends: first, what does my wife do to safeguard her half of the key should she perish with me? The answer is to entrust it to a second attorney in the UK (I can return the favour by sending her key to my lawyer in Toronto). Next, how do I transmit the key to the lawyer? I've opted for a written sheet of instructions, including the key, that I will print on my next visit to Canada and physically deliver to the lawyer.

Someone could package this. There would be some details to work out, especially how best to transport the data (internet? post? special encrypted usb sticks?), but it could be done.

This entry was posted in Cryptography, Law: Practice. Bookmark the permalink.

One Response to Someone Could Make Money on This

  1. Melinda says:

    There’s a pretty substantial literature on what’s known as “threshold secret sharing,” under which rubric what’s described here probably falls (see good intro here: http://findarticles.com/p/articles/mi_qa3950/is_200310/ai_n9316935/). Security is so isolated from the rest of the industry that non-specialists tend to be unaware of some pretty useful technologies, and that’s a big problem, I think, with non-trivial consequences.

Leave a Reply

Your email address will not be published. Required fields are marked *