

Ask HN: Revocable File Sharing? - stcredzero

Is there a fully revocable file/media sharing service?  I realize that there are ways of publishing movies and books with DRM which can disable display/playback after a certain amount of time, but I am thinking about a facility where end users can upload pictures and documents, then be assured that the contents will be securely erased after a certain time on demand from the user.
======
swolchok
The general consensus is that DRM cannot be made secure. Why? You are
delivering content and the means of playing it to the user. If the user can
play it, the user can copy it. Game over.

However, if the recipient of the shared document is also interested in the
timed destruction of the document, you could encrypt the document and escrow
the key on a web server. The host of the web server promises to erase the key
after a certain time, and the recipient promises to delete all unencrypted
copies of the document and temporary encryption keys.

What I have just described above is a much simpler way to implement Vanish
(<http://vanish.cs.washington.edu/>) if you allow the use of a trusted web
server. Note that the full Vanish implementation is insecure
([http://z.cs.utexas.edu/users/osa/unvanish/papers/vanish-
brok...](http://z.cs.utexas.edu/users/osa/unvanish/papers/vanish-broken.pdf)).

~~~
nopassrecover
What you are describing is the digital equivalent of hiring out films from a
store but trying to verify that they didn't tape a copy before returning it. I
guess the answer is to be affordable and convenient enough that it makes
economic sense to hire it from you.

------
pascalchristian
the file does not need to be erased, the file can be encrypted with a key
which is hosted on a secure server. after a user uses a key for sometime, it
would expire and they would need to request a new key from the server. however
you can set the server to stop issuing keys, and hence the file would never be
opened again. this is similar to shareware distribution, it has been done for
ages i guess. think steam.

~~~
pascalchristian
reading my comment again, it sounds like a great app idea. steam for file ftw!

------
chancho
Without some kind of encryption on the file being shared, what we be the basis
for the assurance that the file is securely erased? A promise?

