|
Full Disclosure
mailing list archives
Re: Time Expiry Alogorithm??
From: Vincent Archer <var () deny-all com>
Date: Mon, 22 Nov 2004 12:28:06 +0100
On Fri, Nov 19, 2004 at 11:44:14AM -0500, Valdis.Kletnieks () vt edu wrote:
For example an email message maybe decrypted withing 48 hours of its
delivery otherwise it become usless or cant be decrypted with the
orignal key
So now it's 3 weeks later, and I can't read the email...
So I set the date on the PC back 20 days, and now it's within 48 hours
of delivery. Now, what was this about "unreadable"?
Well, you can ensure that a mail can't be read after the elapsed time.
Encrypt it with a one-time key. Make the key available for on some kind
of server for the allocated period, and disappear. Unless your recipient
takes the key in time, the message can't be read.
However, once you have read the message once, there is nothing that
can be done to prevent the user from reading it again, even after the
48h. Once the data is in the hand of the "ennemy", then you can't
trust anything.
--
Vincent ARCHER
varcher () denyall com
Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 5, rue Scribe - 75009 Paris - France
www.denyall.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
Re: Time Expiry Alogorithm?? Valdis . Kletnieks (Nov 19)
- Re: Time Expiry Alogorithm?? Vincent Archer (Nov 22)
Re: Time Expiry Alogorithm?? Gary E. Miller (Nov 20)
|
Intro
