#crypto
2018-12-10
ghadi22:12:12

---> from #clojure what kind of public key properties are you looking for?

datran22:12:51

gpg is sort of what I have in mind, but I don't really care about web-of-trust things

datran22:12:07

I would like to be able to generate priv/public keypairs on the fly

ghadi22:12:09

do you need to interact with various other things, or is it all in house?

ghadi22:12:14

GPG can do a lot

ghadi22:12:35

are you looking for public key stuff, or doing key agreement + symmetric crypto?

datran22:12:42

yeah, I do not need the whole GPG kitchen sink

datran23:12:33

I would like to be able to generate public and private keys for users, break the private key apart with Shamir's secret sharing, and then store the shares in different places

datran23:12:55

The idea being to reassemble the private key to decrypt messages encrypted with the public key

ghadi23:12:14

that sounds legit. Consider not encrypting using public key encryption alone -- many systems do key wrapping (of a symmetric key)

ghadi23:12:47

break up the shares for recovery, but the private key is only used to decrypt a symmetric secret, and it's that secret that is used to encrypt/decrypt the data

ghadi23:12:09

or you can derive secrets from a root secret using a derivation scheme

datran23:12:57

well, I'd like to start simple and build it up. I was hoping to play around with a toy implementation in a repl, but haven't had a good time with it yet

datran23:12:24

I looked at buddy, but that requires shelling out to openssl to actually generate the keypair, and I'd rather not have the external dep if I don't need it

datran23:12:04

ok, cool, the codahale one seems to make a lot more sense than secretshare

datran23:12:12

at least, I've gotten it to work

datran23:12:44

I'll have to try the java keypair stuff now