If you use LastPass to store your passwords and such, there is an option called Emergency Access - you nominate another person who will be able to access your data (main use case is after you have died) - you specify a wait time - this enables you to decline their attempt to access your data while you are still alive.
When you pass away, they request emergency access - messages are sent to you alerting you of this, but as there is no email in Heaven/Hell, you do not respond. After the specified wait time, they are granted access to your data…
BUT
Doesn’t this imply that there is an unencrypted copy of the data on the LastPass server?
If it were the case that my data was encrypted using, say, a locally-created public key, then uploaded in encrypted form, and only decrypted locally (using the private key) after downloading/retrieving the encrypted form, then another person without my private key would only be able to gain emergency access to the encrypted form. If they can just get it after an interval (during which I specifically do not intervene or give them anything), that must mean the data can be decrypted outside of my control, must it not?
It’s been well worked out how to “share keys” in such a way that each key holder can access the data without anyone else being able to access it. You can even set up a system where, for example, any 3 of 5 people could get together and access something but not 2 of 5.
But the usual crypto caveat applies: Just because the idea is sound in no way means the implementation was done right.
Thanks - that’s actually what I was hoping to find, but couldn’t see anywhere. Interestingly, I think the process just feels a bit too opaque - from my point of view, inviting someone to Emergency Access didn’t seem to do anything other than add them to a page (I was expecting there to be a process where I would see confirmation of key exchange).
The simple way to do this is that none of the users actually has the decryption key for the big data set. Rather, you have a key that decrypts the encryption on one very small encrypted file, and that very small encrypted file contains the key used for the big data set. If you want multiple users to have access, then you just make multiple copies of the key, each one encrypted by a different user’s personal key.
It’s like one of those lockboxes that you mount on your porch with a spare key inside. Now make a different lockbox, with a different combination, and put a key in that, too.