Encrypted Web Pages?

Martin Fick mogulguy at yahoo.com
Tue Dec 18 16:50:22 UTC 2007


--- "Vlad \"SATtva\" Miller" <sattva at pgpru.com> wrote:
> Martin Fick wrote on 18.12.2007 01:05:
> > --- "Vlad \"SATtva\" Miller" <sattva at pgpru.com>
> wrote:

> What if on sudden he becomes aware of one of the 
> recipient key's compromise? Now
> sender needs to decrypt the whole site and
> re-encrypt it to another set of public keys, 
> excluding the compromised one to not
> let an attacker to lay his hands on sensitive 
> data (if it's not too late already). Problems
> arises:

No need to decrypt anything, simply destroying 
the compromised data is enough in my case.  The
only compromised data is the data encrypted with
the compromised key.

...
> If my life was at stake, I wouldn't trust it to that
> sort of things.

I depends on what puts your life at stake, 
compromised data or lost data?  If the later, 
than certainly such a system is not for you
(but neither are most alternate solutions), 
if the former I wouldn't trust any other type
of system!

> And finally there is a gap in the threat model. If
> we treat webserver as
> untrusted (or even malicious) then we can't discard
> a trivial option of
> DoS attack: server (or hosting provider) may simply
> erase the contents
> of the website or block access for legitimate users.

Not a major concern in my threat model.  Lost data is
not compromised data.  This can easily be coded around
with redundant separate isolated secret hosting.

-Martin



      ____________________________________________________________________________________
Looking for last minute shopping deals?  
Find them fast with Yahoo! Search.  http://tools.search.yahoo.com/newsearch/category.php?category=shopping



More information about the tor-talk mailing list