Hacker News new | past | comments | ask | show | jobs | submit login

You implement it by putting the key inside a box, and letting that box perform the decryption. No other services/ports allowed. (Except you have to have a way to get the public key out, and allow the box to generate a private key which means it needs entropy). You can pot the box in epoxy for additional security.



Nothing that you, tzs and vbezhenar are describing is different from “end to end encryption, but with a backdoor that could be leaked”


So now you have an ultra secure box. It’s like the unsinkable Titanic. Someone (somehow) copies the key, and proceeds to decrypt all your citizens’ communications, but you are 100% that hasn’t happened, because it is, after all, impossible.

Just like it was impossible for the Titanic to sink.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: