[Cryptography] Checking for the inadvertent use of test keys

Philip Gladstone pjsg-cryptography at nospam.gladstonefamily.net
Fri Sep 4 08:18:12 EDT 2015

On 3-Sep-2015 20:09, Ray Dillinger wrote:
> On 09/02/2015 11:51 AM, Guus Sliepen wrote:
>> You could algorithmically Google the key and warn when the number of 
>> hits is too high. 
> Don't even joke about sending keys off to a third-party who's going
> to have to have them in the clear to provide meaningful results.
I suspect that you could check the SHA256 hash of the keys in perfect 
safety. This suggests that you could build a service that just 
remembered (the hashes of) all the keys and told the requester to use 
(or not to use) a particular key.

Of course, such a scheme would make it difficult to set up an encrypted 
channel from point A to point B as the second person would be told that 
their key was no good.

Back to the drawing board....


More information about the cryptography mailing list