On Wed, Aug 12, 2009 at 10:46 PM, Joseph Oreste Bruni<[email protected]> wrote:
[clip]
> http://www.securityfocus.com/news/11556
>
> Not entirely on topic, but for those using GnuPG (or other encryption
> software), you should always keep abreast of the encryption laws of your
> country.
[clip]

Has everyone seen the "Vanish" project from University of Washington?
http://vanish.cs.washington.edu/

If you haven't you should really give their paper a read, it's pretty
interesting. The basic idea is that the key is random, and no-one
actually needs to "know" it: it's broken up using secret sharing and
dsitributed through a peer-to-peer network. The recipient can retrieve
the shares and reconstruct the key for a one-time decryption, but over
time, the shares should naturally leave the network and eventually the
key is lost completely.

I have my doubts, but I'm open to the possibility that it could work,
and I'm very interested to see how law-enforcement will respond if it
does. Will they force all p2p nodes to log everything, try to monitor
networks themselves, or just plain make the system illegal?

-- 
Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from: http://keys.gnupg.net

_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to