Keyhotee / Re: How will Keyhotee guard the usage of private key for ID?
« on: December 07, 2013, 04:11:04 pm »
Keyhotee asks you for your password when you start the program and will keep your private key in memory only. On disk it is always encrypted.
In order to process incoming messages your private key needs to be 'live' at all times. There is no way around that.
With the wallet system you only need your private key for sending money.
Bottom line, you are relying on the physical security of your computer and OS while Keyhotee is open. Any bright ideas on how to improve that?
I really want to store the private key offline.
How about this way?
We use 2 private keys, mainkey and subkey, with different powers (or we can say: usage).
They work like this.
1. I generate a mainkey on an offline PC, then I use it to register my Keyhotee ID.
mainkey<->Keyhotee ID
2. I generate a subkey and sign this information (subkey's public key + "active subkey") with my mainkey on the offline PC,
then I broadcast this info to the p2pnet. I use the subkey to log in, decrypt, sign, etc.
mainkey->active subkey
subkey->login
subkey->send mail
subkey->read mail
subkey->delete my mail from p2pnet
3. If my subkey is lost or leaked, I can sign information (subkey's public key + "destroy subkey") with my mainkey
and broadcast it to the p2pnet. The attacker may already have seen my mail history, but he cannot do anything more
once I have destroyed my old subkey and activated a new subkey.
The most important thing is, I don't have to destroy my Keyhotee ID, specifically my founder ID. And an attacker cannot
destroy my Keyhotee ID with only the subkey, either.
mainkey->destroy subkey
mainkey->destroy ID
4. My Keyhotee ID is totally safe now.
We can make more functions with the mainkey and subkey.
:-)
good idea
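
The mainkey/subkey proposal above, sketched as an added example (not Keyhotee code and not part of the original posts): an offline mainkey signs "active subkey" and "destroy subkey" notices, and each node accepts mail only from a subkey that was activated and never destroyed. Ed25519, the `Notice` and `Registry` types and the payload layout are assumptions made for illustration, as is the rule that a destroy notice is final.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Notice is a mainkey-signed statement about one subkey (hypothetical format).
type Notice struct {
	Action string // "active subkey" or "destroy subkey", the strings from the post
	Subkey ed25519.PublicKey
	Sig    []byte
}

func payload(action string, sub ed25519.PublicKey) []byte { return append([]byte(action+"|"), sub...) }

// Sign runs on the offline PC, the only place the main private key exists.
func Sign(mainKey ed25519.PrivateKey, action string, sub ed25519.PublicKey) Notice {
	return Notice{action, sub, ed25519.Sign(mainKey, payload(action, sub))}
}

// Registry is one node's view of an ID. Both sets only grow and destroyed wins, so a
// replayed activation cannot revive a leaked subkey, whatever order notices arrive in.
type Registry struct {
	Main              ed25519.PublicKey
	active, destroyed map[string]bool
}

func NewRegistry(m ed25519.PublicKey) *Registry { return &Registry{m, map[string]bool{}, map[string]bool{}} }

// Apply records a notice only if it is well formed and signed by the mainkey.
func (r *Registry) Apply(n Notice) bool {
	set := map[string]map[string]bool{"active subkey": r.active, "destroy subkey": r.destroyed}[n.Action]
	ok := set != nil && len(n.Subkey) == ed25519.PublicKeySize &&
		ed25519.Verify(r.Main, payload(n.Action, n.Subkey), n.Sig)
	if ok {
		set[string(n.Subkey)] = true
	}
	return ok
}

// Accept checks mail signed by a subkey that is activated and not destroyed.
func (r *Registry) Accept(sub ed25519.PublicKey, msg, sig []byte) bool {
	return r.active[string(sub)] && !r.destroyed[string(sub)] && ed25519.Verify(sub, msg, sig)
}

func main() {
	mainPub, mainPriv, _ := ed25519.GenerateKey(nil) // mainkey pair: made and kept offline
	subPub, subPriv, _ := ed25519.GenerateKey(nil)   // subkey pair: used on the online PC
	r, mail := NewRegistry(mainPub), []byte("constructed sample mail")
	fmt.Println(r.Apply(Sign(mainPriv, "active subkey", subPub)), r.Accept(subPub, mail, ed25519.Sign(subPriv, mail)))
	fmt.Println(r.Apply(Sign(mainPriv, "destroy subkey", subPub)), r.Accept(subPub, mail, ed25519.Sign(subPriv, mail)))
}
```

A holder of only the subkey can sign mail but cannot produce a notice the registry accepts, which is the property the post relies on to protect the ID itself.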