-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jax == Jacqueline Singh [EMAIL PROTECTED] writes:
jax /me shakes her head at Andrew Farmer. Okay, now it's just
jax ridiculous to suggest that you wouldn't be able to implement
jax a time limitation on something encrypted simply because
jax clocks can be changed.
jax What 'clocks' are talking about -- which are you basing it
jax off of?
jax What if you decided to code into the encryption the use of
jax atomic clocks, and include more than one or two as a
jax redundancy/security check?
jax Someone's really going create a huge conspiracy to change a
jax few of the world's atomic clocks drastically to be able to
jax crack someone's encrypted data? :P
Nope, but one would happily set a policy that re-routed requests to
the atomic clocks to a local system, also with flawed time, in an
intermediate router. There is no way to have time-limited encryption,
even under control of a remote server, since the first time the
document is decrypted and rendered the client just needs to save the
decrypted document.
Remember Apple's Fairplay and Hymn? Similar problem -- once the
decrypted data stream is available on the local PC there's no way to
prevent the user from saving it in a format of her choice; unless you
make a blackbox appliance, which too would get cracked eventually.
Regards,
- -- Raju
jax -jax
To: Gautam R. Singh [EMAIL PROTECTED] Cc:
Full-Disclosure Full-Disclosure
[EMAIL PROTECTED] From: Andrew Farmer
[EMAIL PROTECTED] Subject: Re: [Full-Disclosure] Time
Expiry Alogorithm?? Date: Fri, 19 Nov 2004 10:28:20 -0800
jax Gautam R. Singh [EMAIL PROTECTED] wrote:
I was just wondering is there any encrytpion alogortim which
expires with time. For example an email message maybe
decrypted withing 48 hours of its delivery otherwise it become
usless or cant be decrypted with the orignal key
No. Think about it for a moment.
(Clocks can be changed.)
- --
Raj Mathur[EMAIL PROTECTED] http://kandalaya.org/
GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F
It is the mind that moves
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 http://mailcrypt.sourceforge.net/
iD8DBQFBoLbtyWjQ78xo0X8RAhuEAJ0Zp0ENFfd61vlrs1DvESAiUMWUYwCcCpFz
DFmp9llBJjGaabDfmnnX1NM=
=dQSw
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html