The Distributed Privacy Guard (DKGPG) implements Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP. The generated public keys are compatible with the standard and thus can be used by any RFC4880-compliant application (e.g. GnuPG). The main purposes of this software are distributing power among multiple parties, eliminating single points of failure, and increasing the difficulty of side-channel attacks on private key material.
DKGPG consists of a bunch of simple command-line programs. The current implementation is in an experimental state and should NOT be used in production environments. Motivation, cryptographic background and some usage scenarios have been presented at the 26th Krypto-Tag (GI Working Group) and Datengarten/81 (CCCB). Please consult the slides for a first overview. There are some updated slides (35C3).
Using well-established multi-party protocols, a shared private key and a common public key (currently DSA/ElGamal only) are generated. Then further interactive protocols perform the private operations like decryption and signing of files and keys, provided that a previously defined threshold of parties/devices take part in the distributed computation.
Due to the interactiveness of the protocols, a lot of messages between participating players have to be exchanged in a secure way. We employ GNUnet, and in particular its mesh routed CADET service, to establish private and broadcast channels for this message exchange. However, as an alternative to GNUnet a simple TCP/IP based service for message exchange is included. With torsocks and port-forwarding of a local hidden service this allows running the interactive programs over the well-known Tor network. (Of course, a local network will also work.)
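The threshold decryption described above, sketched as an added example (not DKGPG's code): ElGamal in a toy group where the private key is Shamir-shared, each party contributes only c1^x_i, and any t+1 contributions recover the plaintext. Assumptions: a trusted dealer stands in for the distributed key generation, the group parameters and all function names are constructed for the illustration, and the proofs that a partial decryption is correct are omitted.

```python
import secrets

# Toy group, constructed for this example and far too small for real use:
# p = 2q + 1 with p and q prime; g = 4 generates the subgroup of order q.
P, Q, G = 2039, 1019, 4

def share_secret(x, n, t):
    """Shamir-share x over Z_q so that any t+1 of the n shares determine it."""
    coeffs = [x] + [secrets.randbelow(Q) for _ in range(t)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def lagrange_at_zero(i, ids):
    """Lagrange coefficient of party i for interpolation at 0, modulo q."""
    num = den = 1
    for j in ids:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def encrypt(y, m):
    """Standard ElGamal encryption under the common public key y."""
    k = secrets.randbelow(Q - 1) + 1
    return pow(G, k, P), m * pow(y, k, P) % P

def partial_decrypt(c1, x_i):
    """Run locally by one party; its share x_i never leaves the device."""
    return pow(c1, x_i, P)

def combine(ciphertext, partials, t):
    """Recover m from at least t+1 partial decryptions {party id: c1^x_i}."""
    if len(partials) < t + 1:
        raise ValueError("below threshold: need t+1 partial decryptions")
    c1, c2 = ciphertext
    ids = list(partials)[: t + 1]
    s = 1
    for i in ids:  # interpolation in the exponent yields c1^x without x
        s = s * pow(partials[i], lagrange_at_zero(i, ids), P) % P
    return c2 * pow(s, -1, P) % P

if __name__ == "__main__":
    x = secrets.randbelow(Q - 1) + 1        # known only to the toy dealer
    shares = share_secret(x, n=5, t=2)
    ct = encrypt(pow(G, x, P), 1234)
    parts = {i: partial_decrypt(ct[0], shares[i]) for i in (1, 3, 5)}
    print(combine(ct, parts, t=2))
```

The private key x is never reassembled during decryption: the combiner only sees the values c1^x_i, which is what removes the single point of failure.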
Distributed Privacy Guard is Free Software according to the definition of the Free Software Foundation. The source code is released under the GNU General Public License Version 2, or (at your option) any later version published by the Free Software Foundation.
The package depends on the following free software libraries:
The most recent version of DKGPG is dkgpg-1.1.3.tar.gz. Older versions are available on the download page.
Please verify the signature with a trusted version of the GNU Privacy Guard or any other OpenPGP-compliant software before you unzip the above file. The corresponding public key (will be revoked soon) can be found here. Additionally, you should verify the signature of my distributed code signing key. The corresponding public key can be found on several key servers.
Copyright © 2017--2019 Heiko Stamer
This page is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.