
Any scenario where the key is not ephemeral and you're handling client's input (can expect exploitation). If you have a good enough separation/sandboxing, any exploit wouldn't be able to steal the encryption key, or other private data, even if the exploit worked.

For handling encrypted secrets, this is popular as a HSM idea. You authenticate to a black box which does the crypto for you, but the key can't be extracted. Sometimes HSMs even have a physical tampering / self destruction protection.
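The separation described in the comment above, sketched as an added example that is not part of the original thread: a long-lived key lives only in a separate process, and the code that handles client input can ask it to sign or verify but has no operation that returns the key. The `KeyClient` class, the one-letter opcodes and the use of HMAC-SHA256 are assumptions made for illustration; a real deployment would also run the key holder under a different user or sandbox.

```python
import hashlib
import hmac
import os
import secrets
import socket
def _key_service(sock):
    # Runs in the isolated process: the only place the key ever exists.
    key = secrets.token_bytes(32)  # created after fork, never sent anywhere
    while True:
        msg = sock.recv(65536)
        op, body = msg[:1], msg[1:]
        if op == b"S":    # sign: reply with the HMAC-SHA256 tag of body
            sock.send(b"+" + hmac.new(key, body, hashlib.sha256).digest())
        elif op == b"V":  # verify: body is 32-byte tag followed by the data
            good = hmac.new(key, body[32:], hashlib.sha256).digest()
            sock.send(b"+1" if hmac.compare_digest(good, body[:32]) else b"+0")
        elif op == b"Q" or not msg:
            return
        else:             # there is deliberately no "export key" operation
            sock.send(b"-unsupported operation")

class KeyClient:
    # Held by the process that parses client input; it only owns a socket.
    def __init__(self):
        mine, theirs = socket.socketpair(socket.AF_UNIX, socket.SOCK_DGRAM)
        self.pid = os.fork()
        if self.pid == 0:          # child becomes the key holder
            mine.close()
            try:
                _key_service(theirs)
            finally:
                os._exit(0)        # never fall back into the caller's code
        theirs.close()
        self.sock = mine
    def _call(self, msg):
        self.sock.send(msg)
        reply = self.sock.recv(65536)
        if reply[:1] != b"+":
            raise PermissionError(reply[1:].decode())
        return reply[1:]
    def sign(self, data):
        return self._call(b"S" + data)
    def verify(self, tag, data):
        return self._call(b"V" + tag + data) == b"1"
    def export_key(self):          # what an exploit would try; always refused
        return self._call(b"X")
    def close(self):
        self.sock.send(b"Q")
        os.waitpid(self.pid, 0)
        self.sock.close()
```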



So a scenario where the key is long-lived, but the process communicating is transient? I suppose that makes sense, although I struggle to imagine the use case.


SSL, certificate signing, configuration decryption, anything Amazon SSE is used for, ...



