Paperback: A Digital Will and Backup System for the Reasonably Paranoid
Yuma Theatre | Sun 16 Jan 10:45 a.m.–11:30 a.m.
Presented by
Aleksa Sarai
@lordcyphar
https://www.cyphar.com/
Aleksa Sarai is a core developer and maintainer of runc and umoci, contributor and maintainer of Open Container Initiative specifications, and a Linux kernel contributor. He works on the containers team at SUSE, maintaining various core parts of the lower levels of the containers stack and related software for both SUSE Linux Enterprise and openSUSE; he is also committed to working in the open, and is a strong proponent of Free Software.
Abstract
Leaving digital assets to your heirs is currently fairly risky. You can put all of the information needed to access those digital assets in a will, but how much do you trust your lawyer to have good OPSEC? And what if you don't want to have to use a lawyer, or want to use several lawyers? Another common problem is wanting to have an encrypted backup system when you're bad at remembering good passphrases. Depending on your particular situation, these two scenarios can also overlap: you may want to give your friends and family the ability to access backups or other private data in case you are incapacitated or worse.
Paperback attempts to solve both of these problems through a fairly low-tech paper-based backup solution based on Shamir Secret Sharing (SSS). While there are a few other threshold backup systems, paperback is the first one I am aware of which is trying to make itself usable by less technically capable people (after all, the main users will be your heirs, who are not necessarily technically capable) and to not depend on any digital services except during the creation and recovery of backups. It also supports some neat features (such as allowing new shards to be minted after the fact) which are straightforward applications of SSS but to my knowledge are not found in many other SSS-based projects.
In this talk, we will go through the design and philosophy behind paperback, some interesting applications, the current state of the project and where you may be able to help. Proposals for better names will also be accepted.
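The threshold recovery and after-the-fact shard minting mentioned in the abstract can be sketched with textbook Shamir Secret Sharing. This is an added example, not paperback's code: the prime field, the integer secret and the function names `split`, `recover` and `mint` are assumptions made for illustration, and the page does not describe paperback's actual field or shard encoding.

```python
import secrets

# Assumption: a 127-bit Mersenne prime field, chosen for illustration only.
P = 2**127 - 1

def _eval_poly(coeffs, x):
    """Horner evaluation mod P; coeffs[0] is the secret."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def split(secret, threshold, count):
    """Return `count` shards (x, y); any `threshold` of them recover the secret."""
    if not 0 <= secret < P:
        raise ValueError("secret must fit in the field")
    if not 1 < threshold <= count:
        raise ValueError("need 1 < threshold <= count")
    # Random polynomial of degree threshold-1 with the secret as constant term.
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, count + 1)]

def interpolate(shards, at):
    """Lagrange-interpolate the shared polynomial at x = `at`."""
    xs = [x for x, _ in shards]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate shard x-coordinates")
    total = 0
    for i, (xi, yi) in enumerate(shards):
        num = den = 1
        for j, (xj, _) in enumerate(shards):
            if i != j:
                num = num * (at - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def recover(shards):
    """The secret is the polynomial's value at x = 0."""
    return interpolate(shards, 0)

def mint(shards, new_x):
    """Derive an extra shard from a quorum of existing shards.

    The dealer's polynomial is not needed, but a full quorum is: fewer than
    `threshold` shards interpolate a different polynomial and yield a shard
    that will not combine with the others.
    """
    if new_x == 0 or any(new_x == x for x, _ in shards):
        raise ValueError("new_x must be non-zero and unused")
    return (new_x, interpolate(shards, new_x))
```

Because minting interpolates the same polynomial that recovery does, the quorum that mints a shard is also able to recover the secret, so minting belongs in the same trust setting as recovery.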