On Wed, 8 Jun 2005, Perry E. Metzger wrote:
> Dan Kaminsky <[EMAIL PROTECTED]> writes:
> > Yes, because key management is easy or free.

Eh - my experience is that that is where 99% of the cost is - in the whole human procedures and vetting around it. The paperwork, the auditing, dealing with corporate power shuffles, getting 'hard' retention rules out of the responsible people and their conflicting advisors, etc.

> If you have no other choice, pick keys for the next five years,
> changing every six months, print them on a piece of paper, and put it
> in several safe deposit boxes. Hardcode the keys in the backup

We've been doing systems much like this; with the added twist that a) data is keyed to a key matching how long its retention policy is, b) every month or so certain private keys are destroyed as the data keyed to them has reached its limit and c) they are stored (with a recovery scheme) on tamperproof Dallas iButtons (which have a reliable clock) to make the issues around operations (destroy at the right time) and trust (no need to trust the key maker).

> Er, no. An error in CBC wipes out only the following block. Errors do
> not propagate past that in CBC. This is not especially worse than the
> situation right now.

And in actual practice we do not see this in the real world. We -do- see serious issues with the compression used inside the drives though. Specialists can help you - and the data you get back from them can then be decrypted. The fact that it is opaque is not a problem for those recovery experts.

Dw.
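
Points (a) and (b) of the reply above, sketched as an added example that is not part of the original message or of the system it describes: each record is encrypted under the key for the month its retention ends, and destroying that key is what makes the data unreadable. Assumptions: all names are hypothetical, an in-memory dict stands in for the hardware token, and an HMAC-SHA256 counter keystream stands in for a real authenticated cipher.

```python
import hashlib
import hmac
import os
from datetime import date

class RetentionKeyStore:
    """One key per expiry month (hypothetical stand-in for a hardware token)."""
    def __init__(self):
        self._keys = {}  # (year, month) in which retention ends -> 32-byte key

    def key_for(self, created, retention_months):
        # Key selection follows the retention policy, not the backup date alone.
        m = created.year * 12 + (created.month - 1) + retention_months
        exp = (m // 12, m % 12 + 1)
        return exp, self._keys.setdefault(exp, os.urandom(32))

    def lookup(self, exp):
        return self._keys.get(exp)

    def destroy_expired(self, today):
        # Periodic job: drop every key whose expiry month has been reached.
        # A dict delete does not wipe memory; a real token must erase the key.
        expired = sorted(e for e in self._keys if e <= (today.year, today.month))
        for e in expired:
            del self._keys[e]
        return expired

def _keystream(key, nonce, n):
    # Stand-in cipher built from the standard library; provides no integrity.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(store, plaintext, created, retention_months):
    exp, key = store.key_for(created, retention_months)
    nonce = os.urandom(16)
    ks = _keystream(key, nonce, len(plaintext))
    return {"expiry": exp, "nonce": nonce, "ct": bytes(a ^ b for a, b in zip(plaintext, ks))}

def unseal(store, record):
    key = store.lookup(record["expiry"])
    if key is None:
        raise KeyError("key for %04d-%02d destroyed; data is unrecoverable" % record["expiry"])
    ks = _keystream(key, record["nonce"], len(record["ct"]))
    return bytes(a ^ b for a, b in zip(record["ct"], ks))
```

The expiry label stored with each record is what lets the monthly job destroy keys without reading any backup media.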