[Cryptography] Tamper-evident cryptographic systems
Ralf Senderek
crypto at senderek.ie
Sat Mar 22 13:56:43 EDT 2014
On Sat, 22 Mar 2014, Jerry Leichter wrote:
>>> Data at rest is encrypted.
>> If it is done securely, _we will notice_, because to reliably encrypt data
>> at rest the decryption key must come from the outside (from the user),
>> it cannot be stored on the server where the data rests. So in principle,
>> if our co-operation is not required to use the data at rest, it is not
>> reliably encrypted.
> And if every byte you send produces two copies, one encrypted with your key, one with the NSA's? Or if the key you send to access your data is promptly provided to the FBI?
Yes that can happen, I didn't say we have proof of a reliable encryption
when our co-operation is necessary. My point was, that without our
co-operation we have proof that something went wrong. (sign of
tamper-evidence)
Today there are widely used web applications that store decryption keys
(or passwords for databases) in plain text on the server to save the user
the trouble to provide the essential part for protecting his data every
time it's needed in order to "improve" the user experience. This is not
(yet) considered as a clear warning sign.
--ralf
More information about the cryptography
mailing list