On Wed, Aug 12, 2009 at 10:46 PM, Joseph Oreste Bruni<[email protected]> wrote: [clip] > http://www.securityfocus.com/news/11556 > > Not entirely on topic, but for those using GnuPG (or other encryption > software), you should always keep abreast of the encryption laws of your > country. [clip]
Has everyone seen the "Vanish" project from University of Washington? http://vanish.cs.washington.edu/ If you haven't you should really give their paper a read, it's pretty interesting. The basic idea is that the key is random, and no-one actually needs to "know" it: it's broken up using secret sharing and dsitributed through a peer-to-peer network. The recipient can retrieve the shares and reconstruct the key for a one-time decryption, but over time, the shares should naturally leave the network and eventually the key is lost completely. I have my doubts, but I'm open to the possibility that it could work, and I'm very interested to see how law-enforcement will respond if it does. Will they force all p2p nodes to log everything, try to monitor networks themselves, or just plain make the system illegal? -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
