[Cryptography] Checking for the inadvertent use of test keys
Philip Gladstone
pjsg-cryptography at nospam.gladstonefamily.net
Fri Sep 4 08:18:12 EDT 2015
On 3-Sep-2015 20:09, Ray Dillinger wrote:
>
> On 09/02/2015 11:51 AM, Guus Sliepen wrote:
>> You could algorithmically Google the key and warn when the number of
>> hits is too high.
>
> Don't even joke about sending keys off to a third-party who's going
> to have to have them in the clear to provide meaningful results.
>
I suspect that you could check the SHA256 hash of the keys in perfect
safety. This suggests that you could build a service that just
remembered (the hashes of) all the keys and told the requester to use
(or not to use) a particular key.
Of course, such a scheme would make it difficult to set up an encrypted
channel from point A to point B as the second person would be told that
their key was no good.
Back to the drawing board....
Philip
More information about the cryptography
mailing list