Timeline for Securing Time Sensitive Data
Current License: CC BY-SA 3.0
3 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Feb 11, 2013 at 13:49 | comment | added | AJ Henderson | SecurID wouldn't be all that secure because while you could require them to enter the current code, it lacks the faculties to time protect the key release. You could write a program that required a code after a given point to be entered, but that program would only really be able to obscure the key. Alternativly, I guess you could forward generate a number of codes and encrypt the key with each of those codes as a password, which would give a limited time to access the key, but it would also simplify offline attacks significantly as there would only be 100,000,000 possible keys. | |
| Feb 10, 2013 at 2:38 | comment | added | Bob Watson | SecurID tokens aren't out of the question - the tricky part is how to arrange the files/crypto to only work with keys generated after a certain time. | |
| Feb 10, 2013 at 2:33 | history | answered | AJ Henderson | CC BY-SA 3.0 |