This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Key Rotation
Key Rotation

Version management

Difference between version and

At line 1 added 144 lines
!!! Overview
[{$pagename}] is the process of replacing existing [Keys]
!! Why [{$pagename}]
* Encryption stales - Sometimes it’s just a matter of time (DES was awesome in 1977. Now, not so much). So if your encryption algorithm can be broken in N years, you probably want to rotate it in some period smaller than N, no?
And yeah, N isn’t necessarily “heat death of the universe” because you’re using 4096-bit keys. Things change — key leaks, quantum encryption, NSA loopholes, whatever. The safe thing to do is just rotate your signing key — and, potentially, the algorithm too !— every so often (••)
* Keys Leak - It happens, and for a host of reasons including state-actors. In either case, keys do leak. The safe thing to do is rotate your [encryption] key every so often, so that when keys do get compromised, the amount of data that you lost isn’t, well, Everything.
* Straight up attacks. For many (most?) encryption algorithms, the more data you gather, the easier it is to break. A prominent example is AES GSM, that loses it’s protection-fu if more than 64GB of data is encrypted with the same key
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Why Key Rotation|https://medium.com/@dieswaytoofast/why-key-rotation-f374c71b9c6f|target='_blank'] - based on information obtained 2018-10-14-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop