Moin,
On Wednesday 30 August 2006 19:44, Gregory Maxwell wrote:
On 8/30/06, Tels <nospam-abuse(a)bloodgate.com> wrote:
So, if you can't guarantee that the hashes of the IP (including the
log) don't leak out, how can you guarantee that the secret doesn't leak
out? Answer: You can't.
The only safe way to not leak this information out is not even to
store it.
Silly, you store the hashes but not the secret.
The machine doing the hashes needs to know the secret and to make a
meaningful analysis, you can't change it. (Well, maybe you could change it
once a month).
Still the secret is there and it can be leaked, subpoenaed or just plain be
sent out by a SNAFU.
Store the secret on flash memory embedded on a chip with a standalone
processor, like a smart card. Have the processor do the hashes itself, don't
provide any interface to obtain the secret. Put the processor in a box with
a tamper switch and a small incendiary device, nothing but a serial line
leading out. Easy.
-- Tim Starling
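
The trade-off argued over in this thread, as an added example that is not part of any of the messages above: a keyed hash of IP addresses with a per-month secret, behind an object that offers no call to read the secret. HMAC-SHA256, the HashBox class, the period labels and the sample address are all assumptions made for illustration; the thread names no algorithm.

```python
import hashlib
import hmac
import ipaddress
import secrets


class HashBox:
    """Stand-in for the sealed device: pseudonyms come out, the secret does not."""

    def __init__(self):
        self._keys = {}  # period label -> 32-byte secret; no public getter

    def pseudonym(self, ip, period):
        # One random secret per period (e.g. per month), created on first use.
        key = self._keys.setdefault(period, secrets.token_bytes(32))
        return keyed_hash(key, ip)


def keyed_hash(key, ip):
    # Hash the packed address so the result does not depend on string form.
    packed = ipaddress.ip_address(ip).packed
    return hmac.new(key, packed, hashlib.sha256).hexdigest()


def recover_with_leaked_key(key, pseudonym, network):
    """What a leaked secret costs: the address space is small enough to enumerate."""
    for addr in ipaddress.ip_network(network):
        if hmac.compare_digest(keyed_hash(key, str(addr)), pseudonym):
            return str(addr)
    return None


def demo():
    box = HashBox()
    ip = "198.51.100.7"  # constructed sample from a documentation range
    aug = box.pseudonym(ip, "2006-08")
    same_month = box.pseudonym(ip, "2006-08") == aug  # analysis within a month works
    next_month = box.pseudonym(ip, "2006-09") == aug  # rotation breaks the link
    leaked = box._keys["2006-08"]  # simulates the secret leaking out
    recovered = recover_with_leaked_key(leaked, aug, "198.51.100.0/24")
    # Without the right secret the same search finds nothing.
    blind = recover_with_leaked_key(secrets.token_bytes(32), aug, "198.51.100.0/24")
    return same_month, next_month, recovered, blind


if __name__ == "__main__":
    print(demo())
```

In software the secret is still one attribute access away, which is the gap the hardware box in the last message is meant to close.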