[Matroska-devel] Re: Re: Re: Compromise Encryption Proposal

Paul Bryson paul at msn.com
Sat Jan 28 08:09:52 CET 2006

"Joseph Ashwood" wrote...
> For the same reason that IT audit logs aren't built that way. If you wait 
> until the file is completed then the window of opportunity to alter the 
> file undetectably is the entire creation time. In the case of say a video 
> from a bank it is entirely conceivable that same file could be for an 
> entire month, this would represent an enormous security risk. Instead the 
> file is signed in smaller pieces, perhaps per second or minute. Done 
> properly it becomes impossible to edit the past without detection.

The current Matroska signing element allows signing only certain parts.  You 
could for instance, sign every cluster individually.  The length of time in 
a cluster can vary to the creator's settings, but typical might be 5 


More information about the Matroska-devel mailing list