Encrypted Web Pages?
Martin Fick
mogulguy at yahoo.com
Tue Dec 18 16:50:22 UTC 2007
--- "Vlad \"SATtva\" Miller" <sattva at pgpru.com> wrote:
> Martin Fick wrote on 18.12.2007 01:05:
> > --- "Vlad \"SATtva\" Miller" <sattva at pgpru.com>
> wrote:
> What if on sudden he becomes aware of one of the
> recipient key's compromise? Now
> sender needs to decrypt the whole site and
> re-encrypt it to another set of public keys,
> excluding the compromised one to not
> let an attacker to lay his hands on sensitive
> data (if it's not too late already). Problems
> arises:
No need to decrypt anything, simply destroying
the compromised data is enough in my case. The
only compromised data is the data encrypted with
the compromised key.
...
> If my life was at stake, I wouldn't trust it to that
> sort of things.
I depends on what puts your life at stake,
compromised data or lost data? If the later,
than certainly such a system is not for you
(but neither are most alternate solutions),
if the former I wouldn't trust any other type
of system!
> And finally there is a gap in the threat model. If
> we treat webserver as
> untrusted (or even malicious) then we can't discard
> a trivial option of
> DoS attack: server (or hosting provider) may simply
> erase the contents
> of the website or block access for legitimate users.
Not a major concern in my threat model. Lost data is
not compromised data. This can easily be coded around
with redundant separate isolated secret hosting.
-Martin
____________________________________________________________________________________
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
More information about the tor-talk
mailing list