--- "Vlad \"SATtva\" Miller" <[EMAIL PROTECTED]> wrote:
> Martin Fick wrote on 18.12.2007 01:05:
> > --- "Vlad \"SATtva\" Miller" <[EMAIL PROTECTED]> wrote:

> What if all of a sudden he becomes aware of one of the
> recipient key's compromise? Now the sender needs to
> decrypt the whole site and re-encrypt it to another set
> of public keys, excluding the compromised one to not
> let an attacker lay his hands on sensitive data (if
> it's not too late already). Problems arise:

No need to decrypt anything, simply destroying the compromised data is enough in my case. The only compromised data is the data encrypted with the compromised key.

...

> If my life was at stake, I wouldn't trust it to that
> sort of thing.

It depends on what puts your life at stake, compromised data or lost data? If the latter, then certainly such a system is not for you (but neither are most alternate solutions); if the former, I wouldn't trust any other type of system!

> And finally there is a gap in the threat model. If
> we treat webserver as untrusted (or even malicious)
> then we can't discard a trivial option of DoS attack:
> server (or hosting provider) may simply erase the
> contents of the website or block access for
> legitimate users.

Not a major concern in my threat model. Lost data is not compromised data. This can easily be coded around with redundant separate isolated secret hosting.

-Martin