Rich Freeman on 10 Feb 2018 12:45:30 -0800 |
Re: [PLUG] encrypting files with expiration |
I realize you posted this before I posted my TPM solution, but I figured I'd just comment on an element or two of this in the context of my earlier reply.

On Sat, Feb 10, 2018 at 3:34 PM, brent timothy saner <brent.saner@gmail.com> wrote:
>
> 0.) data can perform no execution on its own

This is absolutely true - hence the reason that I proposed a hardware-based solution. Hardware is STILL defeatable for the reason you bring up, though it can be very difficult to achieve. There is no true theoretical security for something like this (which is basically DRM).

> 1.) how would the data know when this expiration happens? how can it
> trust the system computer (as the user can change this)? how can it
> trust the program that handles this hypothetical data format to actually
> delete it (see 0.)? how can it *not be copied* to a saved-state machine?

In my solution this is achieved using a trusted viewer.

> 2.) how does it know it has only been "viewed once"? it would need this
> data in a header - which are easily altered. sure, you could
> sign/encrypt that header - but then you would need to include the key in
> the same file, unencrypted, and we've all seen how well that works out
> for... everyone that does that.

I don't think view-once was actually part of the requirements, but again using the trusted viewer software this might be achievable. Just store two keys in the TPM. The software requests the first key, and stores it in RAM. Then it tells the TPM to destroy that key. Then it requests the second key, and destroys it. Then it combines the keys into the true key and decrypts the file. By the time the file is readable there is no way to ever read it again.

Again, my solution only works on a specific hardware platform. (You could of course independently set it up more than once.) There is no way to just email a special file to somebody and have all these restrictions enforced on their own hardware, for all the reasons you're already getting at.
--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
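The "two keys in the TPM, fetch-and-destroy each, combine, decrypt" flow Rich sketches, written out as an added example that is not part of the message above and is not code from any TPM toolkit. The `SealedKeyStore` class is a hypothetical software stand-in for the TPM (a real TPM enforces the destroy-on-read in hardware; here it is just a Python dict, so the example shows the flow, not the security property), the keystream and tag construction are a toy cipher chosen only to keep the block dependency-free, and the sample plaintext is constructed.

```python
import hashlib
import hmac
import os


class SealedKeyStore:
    """Stand-in for the TPM: each sealed key can be fetched once, then it is gone.

    Assumption: in the real scheme this is the TPM; here it is ordinary memory,
    so it demonstrates the key-handling sequence, not tamper resistance.
    """

    def __init__(self):
        self._slots = {}

    def seal(self, name, key):
        self._slots[name] = key

    def unseal_and_destroy(self, name):
        # "Request the key, then tell the TPM to destroy it" as one step:
        # pop() returns the key and removes it, so a second request fails.
        key = self._slots.pop(name, None)
        if key is None:
            raise LookupError(f"key {name!r} already destroyed or never sealed")
        return key


def combine_keys(k1, k2):
    # Neither half alone is useful; the file key is a function of both.
    return hmac.new(k1, k2, hashlib.sha256).digest()


def _keystream(key, length):
    # Toy keystream SHA-256(key || counter); demonstration only, use AES-GCM
    # or similar for anything real.
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(key, plaintext):
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, len(plaintext))))
    tag = hmac.new(key, ct, hashlib.sha256).digest()
    return ct + tag


def decrypt(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))


def prepare(store, plaintext):
    # Sender side: two random halves, both sealed, file encrypted under their combination.
    k1, k2 = os.urandom(32), os.urandom(32)
    store.seal("half1", k1)
    store.seal("half2", k2)
    return encrypt(combine_keys(k1, k2), plaintext)


def view_once(store, blob):
    # Trusted viewer: pull each half (destroying it in the store), combine in RAM,
    # decrypt. If the second fetch fails the first half is already lost, which is
    # the intended failure mode: the file can never be opened again.
    k1 = store.unseal_and_destroy("half1")
    k2 = store.unseal_and_destroy("half2")
    return decrypt(combine_keys(k1, k2), blob)


def demo():
    store = SealedKeyStore()
    blob = prepare(store, b"constructed sample: read me once")  # constructed input
    first = view_once(store, blob)
    try:
        view_once(store, blob)
        second_ok = True
    except LookupError:
        second_ok = False
    return first, second_ok


if __name__ == "__main__":
    print(demo())
```

Everything that makes this "view once" lives in `unseal_and_destroy` and in the viewer being the only code path that calls it; if the viewer can be replaced or the store copied (the saved-state machine in the quoted reply), the property evaporates, which is exactly the objection the thread is discussing.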