top | item 43486873

(no title)

muti | 11 months ago

The specifics of how the keys are backed against different failure modes/attacks is orthogonal to the splitting of data/key.

Yes you would need to carefully design the system that allows deletion of keys while minimizing chances of data loss, but it can be done, and it's going to be cheaper and less complex to do so on a tiny subset of the data.

Latency considerations are also down to design, it's not a given that there will be significant overhead imposed.

discuss

No comments yet.