[119100] in Cypherpunks

home help back first fref pref prev next nref lref last post

Re: how does disappearing.com's crypto work? (Re: WorthlessDisappearing [Self-Destruct E-mail])

daemon@ATHENA.MIT.EDU (Steve Orrin)
Thu Oct 14 22:07:31 1999

Message-ID: <048501bf16b0$3f0c9e70$0300000a@lithium.lockstar>
From: "Steve Orrin" <sorrin@lockstar.com>
To: "Mac Norton" <mnorton@cavern.uark.edu>
Cc: <cypherpunks@einstein.ssz.com>, <sunder@sunder.net>
Date: Thu, 14 Oct 1999 21:54:40 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Reply-To: "Steve Orrin" <sorrin@lockstar.com>

MacN,
Unless they download a special client viewer, they really can't "Destroy"
the data. (and even then it is only good for mom/pop, technical users will
figure out how to extract the decrypted data from the viewer after
decryption, just like the failed copy protection schemes) Perhaps what they
mean is that if they destroy the key the data is gone forever, hell who
really knows. Until they release their protocols/ source or get someone like
Bruce S., Paul C., or Taher E. inside the source we'll never know for sure:)
-so
-----Original Message-----
From: Mac Norton <mnorton@cavern.uark.edu>
To: Steve Orrin <sorrin@lockstar.com>
Cc: cypherpunks@einstein.ssz.com <cypherpunks@einstein.ssz.com>;
sunder@sunder.net <sunder@sunder.net>
Date: Thursday, October 14, 1999 9:31 PM
Subject: Re: how does disappearing.com's crypto work? (Re:
WorthlessDisappearing [Self-Destruct E-mail])


>I think I've read that they claim to destroy, not just erase, at
>rather quick intervals, and will stand for an audit on same. Now,
>of course, that says nothing about their crypto strength.
>MacN
>
>On Thu, 14 Oct 1999, Steve Orrin wrote:
>
>> Actually, it's not security they are after but rather are using
encryption
>> as a means of "making data disappear". Some one wrote an article on them
and
>> their technology, I'm not sure who. I don't know if they do a good job at
>> the cryptography or not, but the concept is not to secure data but rather
to
>> make it go away, and using crypto to accomplish this. The real question
is
>> what security measures are they using for the storage of the keys on the
>> server and the transmission of the key at decrypt time.
>>
>> -so
>> -----Original Message-----
>> From: adam@cypherspace.org <adam@cypherspace.org>
>> To: sunder@sunder.net <sunder@sunder.net>
>> Cc: cypherpunks@einstein.ssz.com <cypherpunks@einstein.ssz.com>
>> Date: Thursday, October 14, 1999 8:44 PM
>> Subject: how does disappearing.com's crypto work? (Re: Worthless
>> Disappearing [Self-Destruct E-mail])
>>
>>
>> >
>> >
>> >I haven't seen any technical discussion of what Disappearing Inc are
>> >up to.  Did the employee show up at the cypherpunks meeting as
>> >advertised?
>> >
>> >My guess is that they have come up with some kind of server gated
>> >forward secrecy protocol for email.  Forward secrecy is good, but
>> >forward secrecy should be end-to-end, not server based, because then
>> >you have to trust the server.
>> >
>> >Adam
>> >
>>
>>
>
>


home help back first fref pref prev next nref lref last post