[Cryptography] Protecting Private Keys
hallam at gmail.com
Sat Sep 7 16:30:42 EDT 2013
On Sat, Sep 7, 2013 at 10:20 AM, Jeffrey I. Schiller <jis at mit.edu> wrote:
> If I was the NSA, I would be scavenging broken hardware from
> “interesting” venues and purchasing computers for sale in interesting
> locations. I would be particularly interested in stolen computers, as
> they have likely not been wiped.
And this is why I have been so peeved at the chorus of attack against
All I have ever really wanted from Trustworthy computing is to be sure that
my private keys can't be copied off a server.
And private keys should never be in more than one place unless they are
either an offline Certificate Signing Key for a PKI system or a decryption
key for stored data.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography