26 Sep 2013, 6:49 a.m.
On Wed, Sep 25, 2013 at 11:38 PM, coderman <coderman@gmail.com> wrote:
... the key is to re-key so frequently there is never a significant volume transferred under the same symmetric key.
this also is useful for constraining the duration of an authenticated session. if you must "attest" to the authenticated status of an entity at a frequent interval, the use of a panic button or other key zeroisation / session abort mode becomes much more useful and actionable, denying access to the protected resource within milliseconds of a "panic" event occurring. this is another long tangent for another day...
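The two ideas in the message above, sketched as an added example that is not code from the original post: a session that re-keys before a per-key byte budget is exceeded, and that zeroises its key on a panic event or a missed attestation deadline. The class and method names, the HMAC-SHA256 ratchet, and the budget and interval values are all assumptions made for illustration.

```python
import hashlib
import hmac
import time


class SessionRevoked(Exception):
    """No usable key: panic was pressed or an attestation deadline passed."""


class RekeyingSession:
    def __init__(self, root_key, max_bytes=1024, attest_every=0.5, clock=time.monotonic):
        self._key = bytearray(root_key)    # mutable, so it can be overwritten
        self._max_bytes = max_bytes        # assumed policy: byte budget per key
        self._attest_every = attest_every  # assumed policy: seconds between attestations
        self._clock = clock
        self._deadline = clock() + attest_every
        self._used = 0
        self.epoch = 0                     # number of re-keys so far

    def panic(self):
        """Panic button / session abort: zeroise the key, then drop it."""
        if self._key is not None:
            self._key[:] = bytes(len(self._key))  # best effort in Python
        self._key = None

    def _require_live(self):
        if self._key is not None and self._clock() > self._deadline:
            self.panic()                   # a missed attestation aborts the session
        if self._key is None:
            raise SessionRevoked("session key has been zeroised")

    def _rekey(self):
        new_key = hmac.new(self._key, b"rekey", hashlib.sha256).digest()  # one-way step
        self._key[:] = bytes(len(self._key))   # wipe the old key before replacing it
        self._key = bytearray(new_key)
        self._used = 0
        self.epoch += 1

    def attest(self):  # entity re-attested in time: extend deadline, take a fresh key
        self._require_live()
        self._deadline = self._clock() + self._attest_every
        self._rekey()

    def protect(self, message):
        """Return (epoch, MAC); re-key first if message would overrun the budget."""
        self._require_live()
        if self._used + len(message) > self._max_bytes:
            self._rekey()
        self._used += len(message)
        return self.epoch, hmac.new(self._key, message, hashlib.sha256).digest()
```

Once the key is gone every later `protect()` or `attest()` call raises `SessionRevoked`, so access ends at the next operation rather than at the end of a long-lived session.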