[Cryptography] storage encryption

Michael Kjörling michael at kjorling.se
Tue Jul 17 04:02:22 EDT 2018


On 15 Jul 2018 09:28 -0700, from cryptography at metzdowd.com (John Denker via cryptography):
> Suppose there was a low-budget or no-budget activist group
> that wanted to share documents via one of the cloud storage
> services.  Obviously one wants to add a layer of encryption.
> 
> [...]
> 
> I am also aware of the zeroth law, which says:
> «If you don't have physical security, you don't have security.»
> So the whole security problem might be impossible even
> before we get to the crypto.  Sigh.

Well, what's the threat model? You say that this is for an "activist
group", but that term alone spans a huge spectrum already (both in
terms of what those people are doing or planning on doing, and in
terms of the number of people involved), and the response to each
point on that spectrum can also cover a pretty broad range.

It's hard to propose solutions when the problem isn't clearly defined.

-- 
Michael Kjörling • https://michael.kjorling.semichael at kjorling.se
  “The most dangerous thought that you can have as a creative person
              is to think you know what you’re doing.” (Bret Victor)


More information about the cryptography mailing list