On 8/30/06, Tels nospam-abuse@bloodgate.com wrote:
So, if you can't guarantee that the hashes of the IP (including the log) don't leak out, how can you guarantee that the secret doesn't leak out? Answer: You can't.
The only safe way to not leak these information out is not even to store them.
Silly, you store the hashes but not the secret.