On Saturday, February 21, 2015 at 7:25:54 AM UTC-5, Ilya Bizyaev wrote: > > Wow, thank you! Now I see that making an encrypted header at the beginning > of the file is a great idea! I won't add any flags, and leave less space > for keys (as 128 bits is enough for AES-128 key). However, I would add a > field which would make it impossible to decrypt file after certain date (as > the user wants, of course). Thanks for such a useful answer!
A field may not work as expected and your adversary will not honor it. I think there may be other things to consider, too. I think you will need something like a split key with a trusted escrow agent that "forgets" its share of the encrypted key when it expires. That way, its really not recoverable when it expires. Also see papers like "File system design with assured delete", https://www.isoc.org/isoc/conferences/ndss/07/papers/file_system_assured_delete.pdf. -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
