[Cryptography] Came up with a weird use case, got questions

Phillip Hallam-Baker phill at hallambaker.com
Tue Jan 8 03:29:02 EST 2019


On Mon, Jan 7, 2019 at 1:38 PM Bill Frantz <frantz at pwpconsult.com> wrote:

> On 1/7/19 at 10:38 PM, phill at hallambaker.com (Phillip
> Hallam-Baker) wrote:
>
> >The most robust schemes in practice are going to involve ceremony and some
> >form of trusted hardware. We could build a HSM such that it will only
> >release the data if it receives a signed statement of the current time from
> >a trusted source. Throw it in a vault and bring it out after 100 years. It
> >will probably work. If built right.
> >
> >Establishing a quorate notary that can be trusted to sign time is rather
> >easier. Each notary would have to delegate its function to a successor
> >periodically but that should not be too difficult to ensure.
> >
> >Of course there is then a real risk that the data is lost because the
> >notaries don't continue their function.
>
> There are a lot of causes of risk of data loss. Bit rot in
> storage media is a real worry. The best solution is to copy the
> data regularly. For the encrypted data, the only downside is the
> storage cost. For the keys it introduces a new complication in
> maintaining secrecy.
>
> There is also risk of transistor failure in the HSM due to
> dopant migration over time. We don't have experience with
> transistor equipment over long periods of time. Our experience
> with tube equipment, which is about 100 years, is that
> electrolytic capacitors die unless treated with a low voltage
> for a while to rebuild their insulation layer. Sometimes they
> die anyway. I can't think of a way of keeping a HSM alive over
> long periods of time, certainly not one that is anywhere near as
> easy as copying data.
>
> Cheers - Bill
>

My current solution is to laser etch anodized aluminium plates with Shamir
secret shares...