From: raju at linux-delhi.org (Raj Mathur)
Subject: Re: Time Expiry Algorithm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "jax" == Jacqueline Singh <jacqueline.singh@...il.com> writes:

    jax> /me shakes her head at Andrew Farmer.  Okay, now it's just
    jax> ridiculous to suggest that you wouldn't be able to implement
    jax> a time limitation on something encrypted simply because
    jax> "clocks can be changed".

    jax> What 'clocks' are you talking about -- which are you basing it
    jax> off of?

    jax> What if you decided to code into the encryption the use of
    jax> atomic clocks, and include more than one or two as a
    jax> redundancy/security check?

    jax> Someone's really going to create a huge conspiracy to change a
    jax> few of the world's atomic clocks drastically to be able to
    jax> crack someone's encrypted data? :P

Nope, but one would happily set a policy that re-routed requests to
the atomic clocks to a local system, also with flawed time, in an
intermediate router.  There is no way to have time-limited encryption,
even under control of a remote server, since the first time the
document is decrypted and rendered the client just needs to save the
decrypted document.

Remember Apple's Fairplay and Hymn?  Similar problem -- once the
decrypted data stream is available on the local PC there's no way to
prevent the user from saving it in a format of her choice; unless you
make a blackbox appliance, which too would get cracked eventually.

Regards,

- -- Raju

    jax> -jax


    >> To: "Gautam R. Singh" <gautam.singh@...il.com> Cc:
    >> Full-Disclosure Full-Disclosure
    >> <full-disclosure@...ts.netsys.com> From: Andrew Farmer
    >> <andfarm@...novis.com> Subject: Re: [Full-Disclosure] Time
    >> Expiry Algorithm??  Date: Fri, 19 Nov 2004 10:28:20 -0800

    jax> Gautam R. Singh <gautam.singh@...il.com> wrote:
    >> I was just wondering is there any encryption algorithm which
    >> expires with time.  For example an email message maybe
    >> decrypted within 48 hours of its delivery otherwise it becomes
    >> useless or can't be decrypted with the original key

    >>> No. Think about it for a moment.

    >>> (Clocks can be changed.)

- -- 
Raj Mathur                raju@...dalaya.org      http://kandalaya.org/
       GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
                      It is the mind that moves
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>

iD8DBQFBoLbtyWjQ78xo0X8RAhuEAJ0Zp0ENFfd61vlrs1DvESAiUMWUYwCcCpFz
DFmp9llBJjGaabDfmnnX1NM=
=dQSw
-----END PGP SIGNATURE-----

