Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Re; Time Expiry Algorithm
From: Raj Mathur <raju () linux-delhi org>
Date: Sun, 21 Nov 2004 21:10:45 +0530

Hash: SHA1

"jax" == Jacqueline Singh <jacqueline.singh () gmail com> writes:

    jax> /me shakes her head at Andrew Farmer.  Okay, now it's just
    jax> ridiculous to suggest that you wouldn't be able to implement
    jax> a time limitation on something encrypted simply because
    jax> "clocks can be changed".

    jax> What 'clocks' are talking about -- which are you basing it
    jax> off of?

    jax> What if you decided to code into the encryption the use of
    jax> atomic clocks, and include more than one or two as a
    jax> redundancy/security check?

    jax> Someone's really going create a huge conspiracy to change a
    jax> few of the world's atomic clocks drastically to be able to
    jax> crack someone's encrypted data? :P

Nope, but one would happily set a policy that re-routed requests to
the atomic clocks to a local system, also with flawed time, in an
intermediate router.  There is no way to have time-limited encryption,
even under control of a remote server, since the first time the
document is decrypted and rendered the client just needs to save the
decrypted document.

Remember Apple's Fairplay and Hymn?  Similar problem -- once the
decrypted data stream is available on the local PC there's no way to
prevent the user from saving it in a format of her choice; unless you
make a blackbox appliance, which too would get cracked eventually.


- -- Raju

    jax> -jax

    >> To: "Gautam R. Singh" <gautam.singh () gmail com> Cc:
    >> Full-Disclosure Full-Disclosure
    >> <full-disclosure () lists netsys com> From: Andrew Farmer
    >> <andfarm () teknovis com> Subject: Re: [Full-disclosure] Time
    >> Expiry Alogorithm??  Date: Fri, 19 Nov 2004 10:28:20 -0800

    jax> Gautam R. Singh <gautam.singh () gmail com> wrote:
    >> I was just wondering is there any encrytpion alogortim which
    >> expires with time.  For example an email message maybe
    >> decrypted withing 48 hours of its delivery otherwise it become
    >> usless or cant be decrypted with the orignal key

    >>> No. Think about it for a moment.

    >>> (Clocks can be changed.)

- -- 
Raj Mathur                raju () kandalaya org      http://kandalaya.org/
       GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
                      It is the mind that moves
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]