[78827] in cryptography@c2.net mail archive
Re: data under one key, was Re: analysis and implementation of LRW
daemon@ATHENA.MIT.EDU (Vlad \"SATtva\" Miller)
Sun Feb 4 17:32:21 2007
Date: Sun, 04 Feb 2007 14:33:30 +0600
From: "Vlad \"SATtva\" Miller" <sattva@pgpru.com>
To: Allen <netsecurity@sound-by-design.com>
CC: cryptography@metzdowd.com
In-Reply-To: <45BF963B.6060906@sound-by-design.com>
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigFF9301EA83EA90BEC71E3456
Content-Type: text/plain; charset=KOI8-R
Content-Transfer-Encoding: quoted-printable
Allen wrote on 31.01.2007 01:02:
> I'll skip the rest of your excellent, and thought provoking post as it
> is future and I'm looking at now.
>
> From what you've written and other material I've read, it is clear that=
> even if the horizon isn't as short as five years, it is certainly
> shorter than 70. Given that it appears what has to be done is the same
> as the audio industry has had to do with 30 year old master tapes when
> they discovered that the binder that held the oxide to the backing was
> becoming gummy and shedding the music as the tape was playing -
> reconstruct the data and re-encode it using more up to date technology.=
>
> I guess we will have grunt jobs for a long time to come. :)
I think you underestimate what Travis said about ensurance on a
long-term encrypted data. If an attacker can (and it is very likely) now
obtain your ciphertext encrypted with a scheme that isn't strong in
70-years perspective, he will be able to break the scheme in the future
when technology and science allows it, effectively compromising [part
of] your clients private data, despite your efforts to re-encrypt it
later with improved scheme.
The point is that encryption scheme for long-term secrets must be strong
from the beginning to the end of the data needed to stay secret.
--=20
SATtva
www.vladmiller.info
www.pgpru.com
--------------enigFF9301EA83EA90BEC71E3456
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Comment: Visit 'openPGP in Russia' - http://www.pgpru.com
iQEVAwUBRcWabPrpF+kHDgtzAQouwAgAjKMYqkwMhMvQlz56TaoDvaE/gzu/w4jV
iuBAm1sc4o/R91+nVtp+zxJ5mqBmXNYZeyvJ/EAfLzhlYORvyaKdLC+PZnhsSafD
ZtiC0C0SjulqPChaLO8o2nGjF51X+kzo3Uem9ExSVSEuB0iPdsDteoR+aLD16mds
RZ6Un9CRNVN0aG1gPX6PukEpmEiUnpkKIiTz4ist4pJi0P8648maSuabsn1/Orod
R0d9dC1SkzyoWMBGfkYgdtPpyImp2qumMYUForke2aPf4WNDjJSoscNQ402MsNdt
ffIRpvQA8B5p0x6C+ohGP7VZ7uZWAcpq7K8912LkLwL1JEzKqpzQ/Q==
=IUqT
-----END PGP SIGNATURE-----
--------------enigFF9301EA83EA90BEC71E3456--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
