# Protecting a private key by spreading it over multiple places

Just splitting the file up will not have the desired effect (as A.Hersean explains in their answer).

I think what you're looking for is "Secret Sharing" algorithms, most notably Shamir's Secret Sharing algorithm (thanks @heinrich5991), where the secret is split up into N pieces and given to different people for safe-keeping. To reconstruct the secret, all N pieces (or in some variants, only k of the pieces) need to be brought together. The attacker gains no information unless they have all the pieces.

Although used in many applications, I don't believe it is available in openssl or CAPI. There are many robust open source implementations -- see this question, but you'll need to do some homework to decide if you trust the implementation to not be back-doored.

There is also the related concept of "Multi-party encryption"; where you encrypt the secret with multiple people's public keys, and then all of them need to participate in decrypting it. Here's a SO tread about it:

Encryption and decryption involving 3 parties

You can do a poor-man's version of this using only the RSA implementation you already have by chaining RSA encryption:

```
RSA(key1, RSA(key2, RSA(key3, secret) ) )
```

If you want 3 people to encrypt, but only 2 of them need to be present to decrypt, then you can store 3 versions of the ciphertext:

```
RSA(key1, RSA(key2, secret) )
RSA(key2, RSA(key3, secret) )
RSA(key1, RSA(key3, secret) )
```

A private or secret key is not meant to be cut. For example, if someone get hold of half of a symmetric key of 128 bits, the strength of the key would not be divided per 2, but it would be reduced by 18446744073709551616 (= 2⁶⁴). The remaining part of the key could be broken very fast. The same holds for asymmetric key (used by CAs), but the math is more complex.

So do not do it. This will increase the complexity of your solution while reducing its security, because you would have at least two places to secure instead of just one.