[Cryptography] Fwd: Other obvious issues being ignored?

[Tom Mitchell]

On Mon, Oct 19, 2015 at 6:10 AM, Thierry Moreau <
thierry.moreau at connotech.com> wrote:

> The recent realization that public key cryptosystems having common
> parameters (DH) may be vulnerable from the very fact that they rely on
> common parameters is puzzling to me.
>
> In hindsight, the question

 ......

>
> What other "obvious" questions are we ignoring?
>

Q: In what other ways is the system being deployed?

Comment:  Beyond the intended purpose of the crypto-system what off label
applications
have been deployed?   Drug companies call it off label medication... legal
to do for drugs
but not legal for a vendor to advertise.
*) An encryption system used to secure data might be employed to ensure
deletion of data
by deleting the local key. If the system is broken then the "deleted" data
is fair game.
*) A storage system off site might contain pre-processes data to stream
that is decrypted by the client.
Such a storage system might allow cloud replication and backup at services
where trust is difficult to establish
and verify.   Should the crypto-system fail badly in the future to a future
insight/attack those archives and data
stores can be read like a book long after the client half of the key is
deleted.  Discarded disks and phones?


-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151023/29eb604e/attachment.html>