Allen wrote on 31.01.2007 01:02:
> I'll skip the rest of your excellent, and thought provoking post as it
> is future and I'm looking at now.
> From what you've written and other material I've read, it is clear that
> even if the horizon isn't as short as five years, it is certainly
> shorter than 70. Given that it appears what has to be done is the same
> as the audio industry has had to do with 30 year old master tapes when
> they discovered that the binder that held the oxide to the backing was
> becoming gummy and shedding the music as the tape was playing -
> reconstruct the data and re-encode it using more up to date technology.
> I guess we will have grunt jobs for a long time to come. :)

I think you underestimate what Travis said about ensurance on a
long-term encrypted data. If an attacker can (and it is very likely) now
obtain your ciphertext encrypted with a scheme that isn't strong in
70-years perspective, he will be able to break the scheme in the future
when technology and science allows it, effectively compromising [part
of] your clients private data, despite your efforts to re-encrypt it
later with improved scheme.

The point is that encryption scheme for long-term secrets must be strong
from the beginning to the end of the data needed to stay secret.


Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to