[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <16800.46845.890153.687702@mail.linux-delhi.org>
From: raju at linux-delhi.org (Raj Mathur)
Subject: Re; Time Expiry Algorithm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>>>> "jax" == Jacqueline Singh <jacqueline.singh@...il.com> writes:
jax> /me shakes her head at Andrew Farmer. Okay, now it's just
jax> ridiculous to suggest that you wouldn't be able to implement
jax> a time limitation on something encrypted simply because
jax> "clocks can be changed".
jax> What 'clocks' are talking about -- which are you basing it
jax> off of?
jax> What if you decided to code into the encryption the use of
jax> atomic clocks, and include more than one or two as a
jax> redundancy/security check?
jax> Someone's really going create a huge conspiracy to change a
jax> few of the world's atomic clocks drastically to be able to
jax> crack someone's encrypted data? :P
Nope, but one would happily set a policy that re-routed requests to
the atomic clocks to a local system, also with flawed time, in an
intermediate router. There is no way to have time-limited encryption,
even under control of a remote server, since the first time the
document is decrypted and rendered the client just needs to save the
decrypted document.
Remember Apple's Fairplay and Hymn? Similar problem -- once the
decrypted data stream is available on the local PC there's no way to
prevent the user from saving it in a format of her choice; unless you
make a blackbox appliance, which too would get cracked eventually.
Regards,
- -- Raju
jax> -jax
>> To: "Gautam R. Singh" <gautam.singh@...il.com> Cc:
>> Full-Disclosure Full-Disclosure
>> <full-disclosure@...ts.netsys.com> From: Andrew Farmer
>> <andfarm@...novis.com> Subject: Re: [Full-Disclosure] Time
>> Expiry Alogorithm?? Date: Fri, 19 Nov 2004 10:28:20 -0800
jax> Gautam R. Singh <gautam.singh@...il.com> wrote:
>> I was just wondering is there any encrytpion alogortim which
>> expires with time. For example an email message maybe
>> decrypted withing 48 hours of its delivery otherwise it become
>> usless or cant be decrypted with the orignal key
>>> No. Think about it for a moment.
>>> (Clocks can be changed.)
- --
Raj Mathur raju@...dalaya.org http://kandalaya.org/
GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F
It is the mind that moves
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>
iD8DBQFBoLbtyWjQ78xo0X8RAhuEAJ0Zp0ENFfd61vlrs1DvESAiUMWUYwCcCpFz
DFmp9llBJjGaabDfmnnX1NM=
=dQSw
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists