On Fri, Jul 3, 2009 at 4:37 AM, Jack Lloyd<[email protected]> wrote: > On Thu, Jul 02, 2009 at 09:29:30AM +1000, silky wrote: > > A potentially amusing/silly solution would be to have one strong key > > that you change monthly, and then, encrypt *that* key, with a method > > that will be brute-forceable in 2 months and make it public. As long > > as you are constantly changing your key, no-one will decrypt it in > > time, but assuming you do die, they can potentially decrypt it while > > arranging your funeral :) > > This method would not work terribly well for data at rest. Copy the > ciphertext, start the brute force process, and two months later you > get out everything, regardless of the fact that in the meantime the > data was reencrypted.
Indeed, hence the reason I suggested encrypting only your "real" key with this method. By the time you're done decrypting that, you've only gotten a stale key. Of course the approach isn't really practical in principle, it's only cute. > -Jack -- noon silky http://lets.coozi.com.au/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [email protected]
