At 01:45 PM 3/21/2002 +1100, McMeikan, Andrew wrote: >Question. Is it possible to have code that contains a private encryption >key safely? Every way I look at it the answer seems no, yet some degree of >safety might be possible by splitting an encrypting routine across several >nodes. Can someone give me a pointer to any work in this area?
I don't believe so, but maybe someone else on the list has a better answer. Secret splitting will clearly make it harder for Mallet to gather the key. In the past Atalla (later Compaq, now HP) and Harris sold hardware boxes that kept keys in tamper proof boxes. They worked because opening the box lost the key. Banks used them heavily in the late 1990s. The usual good solution is to make a human type in a secret. The usual bad solution is to store it in a secret place, or encrypted with a key kept elsewhere (source, secret file, LDAP, etc.) The old CyberCash wallet, which used strong RSA keys, used simple 56bit DES to protect the private key on the local PC's hard disk. The thinking was that user won't use more entropy in their keys to really justify 3DES, and once one has physical access to the computer and hard drive, there are simpler attacks than breaking the crypto on the key: keystroke sniffers being one obvious example. I'd also love to hear of real solutions to protecting a key stored on local disk Pat Pat Farrell [EMAIL PROTECTED] http://www.pfarrell.com --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]