Under the current scheme, only two backups need to be compromised for someone to gain access to the encrypted data. We could require 3 or more people to collaborate to decrypt a backup. This would be useful for paranoid people backing up PGP keys, for example.
Consider using something like Shamir's Secret Sharing. Not sure if there are any well-tested libraries for that. Or perhaps simply use multiple layers of encryption for the master key....
Under the current scheme, only two backups need to be compromised for someone to gain access to the encrypted data. We could require 3 or more people to collaborate to decrypt a backup. This would be useful for paranoid people backing up PGP keys, for example.
Consider using something like Shamir's Secret Sharing. Not sure if there are any well-tested libraries for that. Or perhaps simply use multiple layers of encryption for the master key....