[Cryptography] End-to-End, One-to-Many, Encryption Question
Jerry Leichter
leichter at lrw.com
Sun Jun 15 06:02:23 EDT 2014
On Jun 15, 2014, at 5:28 AM, Peter Fairbrother <zenadsl6186 at zen.co.uk> wrote:
>> ...To remove Charley-n's access, simply remove the name/encrypted key
>> pair with his name on it.
>
> Here lies a greater problem - the secure deletion of data once stored in a cloud is practically impossible. The user does not know how many copies have been made, so he can't be sure they have all been deleted.
>
> I say practically impossible rather than actually impossible only because a user can upload ciphertext only, and not upload the key, and on deletion of the key that deletion can be secure (for some value of "secure"). But then if eg you want perfect security and use an OTP, is the data actually stored in the cloud?
Information once transferred can't be recalled. The strongest thing you could ever get is a record of who accessed the information (for some notion of "who" - i.e., some kind of identification scheme on which you rely). As the NSA's apparent inability to determine exactly what documents Snowden accessed testifies, that's often not attainable in the real world even for the "first order" access. Once you ask who might have received the information from whoever accessed it directly ... the answer quickly becomes "just assume everyone has seen it".
I don't see how the cloud changes anything other than scale (which, granted, may change things significantly from a real-world point).
-- Jerry
More information about the cryptography
mailing list