Techly NewsGet the app

Get the latest tech news

Key Transparency and the Right to Be Forgotten


This post is the first in a new series covering some of the reasoning behind decisions made in my project to build end-to-end encryption for direct messages on the Fediverse. (Collectively, Fedi-E2…

The first option seems simple, but runs into governance issues: How do you claim the data was crypto-shredded if countless individuals have a copy of the encryption key, and can therefore recover the plaintext from the ciphertext? In my system, there is one additional public input we can use to increase the quality of the salt distribution (to resist precomputation) without introducing variability (to ensure the commitment is robust): A Merkle tree root. If the encryption key is shredded in the future, an attacker without knowledge of the plaintext will have an enormous uphill battle recovering it from the KDF output (and the salt will prove to be somewhat useless as a crib).

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Right

Right

Photo of key transparency

key transparency

Related news:

News photo

The Right’s Triumph Over Social Media

News photo

E/acc as a religion:A Technologist's Right to Choose

News photo

Public sector cyber break-ins: Our money, our lives, our right to know

« Do Large Language Models learn world models or just surface statistics? (2023)
Salmon return to lay eggs in historic habitat after Klamath River dam removal »