
Ask HN: Is it safe to publish sensitive data in public if encrypted? - vrypan
Suppose you encrypt very sensitive and valuable data with the strongest available crypto. Would it be safe to store the encrypted data in public, for example in a blog post or a public github repo?
======
CarolineW
It depends. Here are the questions that came to my mind in under 30 seconds:

* For how long must it be secure?

* Against whom must it be secured?

* What are your potential losses if it's broken?

* How can you be sure you've used a secure implementation?

* What do you think the "strongest available crypto" currently is?

* Can you be sure that the key will never be compromised?

* Where will you store the key?

* Do you need to send the key to someone else?

* Where will the encryption happen?

... and there's more.

~~~
vrypan
* For how long must it be secure? let's say for 10 years

* Against whom must it be secured? Everyone, including national agencies and organised crime.

* What are your potential losses if it's broken? A lot of money.

* How can you be sure you've used a secure implementation? No idea

* What do you think the "strongest available crypto" currently is? No idea, but I would guess someone has this answer

* Can you be sure that the key will never be compromised? No, but this is a separate problem, I assume here that the key is not compromised.

* Where will you store the key? Off-line

* Do you need to send the key to someone else? No.

* Where will the encryption happen? Locally.

~~~
sova
Elliptic Curve Cryptography

~~~
CarolineW
One Time Pad!

------
fergbrain
My understanding is that NSA considers classified data that has been encrypted
using a suitable cipher/key to be unclassified and suitable for transmission
on unsecure systems/networks.

------
SXX
Vernam cipher will come to rescue.

