Hi all,
Working through some things like a Will (I am fine, just normal life planning), and debating on methods for digital management when I do die.
I run a lot of self-hosted services for family and friends, all on secured servers with ZFS and on/off site backups. Key ingredient is Vaultwarden for password management.
I’d like to put something in place so that encryption keys, some docs, and key passwords are released to a tech-savvy friend. Anyone know of existing solutions for this?
Requirements of:
- Not providing keys to a third-party beforehand
- Not forgeable to open
- If possible, no “weekly press a button”
I’m thinking some kind of key pair where my friend has the private key and the public key is provided to a family member, and when activated a timer starts where I could cancel the release.
Great idea. My poor man’s version idea was an encrypted data set inside another encrypted data set to require two people, but Shamir’s seems like a much better option.
I’m still a bit split on this. And whether the complexity and reliability are good enough for the use case… I mean if you don’t need N-out-of-M, but it’s just two people: cut a password or key in half. Same if it’s N-out-of-N people, you just need to make some puzzle pieces and hand them out, we don’t really need encryption and fancy maths for that. But I guess encrypting something would work, too. Just use a program or algorithm that’s likely still around when it’s going to be used. And you can always add a sheet of paper or PDF with instructions. Maybe save the executable file to decrypt it somewhere if the solution requires software.