3.4.2 Backup Keys

In addition to their physical devices, a user can add so-called “virtual devices” to their sighchain. Virtual devices also have signing and encryption key pairs associated with them, but instead of strictly corresponding to the physical device that generated them, these keys may be exported or communicated to other parties and are used to provide additional functionality. Virtual devices are treated like physical ones: they can be added and removed from the user’s device list, other devices encrypt PUKs for them, and the corresponding private keys can be used to approve other devices or rotate PUKs.

A backup key is a string of letters and digits which the user can write down on paper. By entering the string on a new device, the user can decrypt and recover their encrypted data if all other existing physical devices become unavailable.

Backup keys can be generated by one of the user’s existing devices. Note that the backup key can have at most the PUK access of the generating device. Backup keys are added to a user’s device list using a DeviceAddAndApprove operation (which combines DeviceAdd and BatchApprove, as described above).

The device generates a high entropy string, which is displayed as a sequence of letters and digits, such as “Z830 AD11 5HMJ RJ62 6H75 78DB EOVS 4KSF”.

The first four characters are used as a key identifier and are not considered private. Backup keys have at least 128 bits of private entropy, as well as built-in error correction to tolerate small copy-pasting mistakes. The backup key string is used to derive a seed using scrypt[5] algorithm[26], which is then used to derive the device’s signing and encryption keys.

Previous3.4.1 Per-User KeysNext3.4.3 Escrow Keys

Last updated 3 months ago

Previous3.4.1 Per-User Keys Next3.4.3 Escrow Keys