Volitank t1_izd4clg wrote
Reply to comment by happyscrappy in Apple announces plans to encrypt iCloud data on its servers, including full backups, photos and notes. by [deleted]
The accounts that read the data would likely have a method of utilizing the keys. I would assume a different key per account.
Authentication is handled separately from the database itself. A breach of a single database host, even as root, would not mean you're able to view the data in plain text or have access to the keys.
It could be decrypted in stream. User authenticates into the system, it then grabs the encrypted data in the database, decrypts it outside of that host using their key and sends them the decrypted data.
Of course I don't know Apples infrastructure exactly but encryption is definitely not useless in this regard.
happyscrappy t1_izdf60m wrote
> Authentication is handled separately from the database itself. A breach of a single database host, even as root, would not mean you're able to view the data in plain text or have access to the keys.
A breach of a single database host isn't even going to tell you who the data is associated with.
> It could be decrypted in stream. User authenticates into the system, it then grabs the encrypted data in the database, decrypts it outside of that host using their key and sends them the decrypted data.
Yes, it could be. It hardly matters. Unless it is E2E the key to decrypt it is there on the host that sends it. They just compromise that host instead.
Viewing a single comment thread. View all comments