| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: var at deny-all.com (Vincent Archer) Subject: Time Expiry Alogorithm?? On Fri, Nov 19, 2004 at 11:44:14AM -0500, Valdis.Kletnieks@...edu wrote: > > For example an email message maybe decrypted withing 48 hours of its > > delivery otherwise it become usless or cant be decrypted with the > > orignal key > > So now it's 3 weeks later, and I can't read the email... > > So I set the date on the PC back 20 days, and now it's within 48 hours > of delivery. Now, what was this about "unreadable"? Well, you can ensure that a mail can't be read after the elapsed time. Encrypt it with a one-time key. Make the key available for on some kind of server for the allocated period, and disappear. Unless your recipient takes the key in time, the message can't be read. However, once you have read the message once, there is nothing that can be done to prevent the user from reading it again, even after the 48h. Once the data is in the hand of the "ennemy", then you can't trust anything. -- Vincent ARCHER varcher@...yall.com Tel : +33 (0)1 40 07 47 14 Fax : +33 (0)1 40 07 47 27 Deny All - 5, rue Scribe - 75009 Paris - France www.denyall.com
Powered by blists - more mailing lists