On Sep 8, 2013, at 7:16 PM, james hughes wrote:
> Let me suggest the following.
>
> With RSA, a single quiet "donation" by the site and it's done. The situation
> becomes totally passive and there is no possibility of knowing what has been
> read. The system administrator could even do this without the executives
> knowing.

An additional helper: Re-keying. Suppose you send out a new public key, signed with your old one, once a week. Keep the chain of replacements posted publicly so that someone who hasn't connected to you in a while can confirm the entire sequence from the last public key he knew to the current one. If someone sends you a message with an invalid key (whether it was ever actually valid or not - it makes no difference), you just send them an update.

An attacker *could* send out a fake update with your signature, but that would be detected almost immediately. So a one-time "donation" is now good for a week. Sure, the leaker can keep leaking - but the cost is now considerably greater, and ongoing.

-- Jerry

_______________________________________________
The cryptography mailing list
firstname.lastname@example.org
http://www.metzdowd.com/mailman/listinfo/cryptography
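
The re-keying chain described in the message above, as an added example that is not part of the original post: a client that last saw an older key walks the publicly posted chain and accepts the current key only if every replacement is signed by the key before it. The post names no signature scheme, so this example substitutes Lamport one-time signatures over SHA-256 to stay within the Python standard library; `publish`, `current_key` and the sample chain are hypothetical names and constructed data.

```python
import hashlib
import secrets

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key: 256 pairs of random secrets; public key is their hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, b"".join(H(s) for pair in sk for s in pair)

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    # Reveal one secret per digest bit; each key signs exactly one successor.
    return b"".join(sk[i][b] for i, b in enumerate(bits(msg)))

def verify(pk, msg, sig):
    if len(pk) != 512 * 32 or len(sig) != 256 * 32:
        return False
    return all(H(sig[32 * i:32 * i + 32]) == pk[32 * (2 * i + b):32 * (2 * i + b) + 32]
               for i, b in enumerate(bits(msg)))

def publish(weeks):
    # Constructed sample: a starting key plus `weeks` weekly replacements,
    # each new public key signed by the key it replaces.
    sk, pk = keygen()
    keys, sigs = [pk], []
    for _ in range(weeks):
        new_sk, new_pk = keygen()
        sigs.append(sign(sk, new_pk))
        keys.append(new_pk)
        sk = new_sk
    return keys, sigs

def current_key(last_known, keys, sigs):
    # Trust only the key the client already holds, then verify every hop after it.
    if last_known not in keys or len(sigs) != len(keys) - 1:
        raise ValueError("key is not on the published chain")
    start = keys.index(last_known)
    trusted = last_known
    for new_pk, sig in zip(keys[start + 1:], sigs[start:]):
        if not verify(trusted, new_pk, sig):
            raise ValueError("replacement not signed by the previous key")
        trusted = new_pk
    return trusted
```

A client that is several weeks behind calls `current_key` with the last key it knew; a `ValueError` means the posted chain does not connect that key to the advertised current one.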