|
|
|
|
|
|
by dandraper
958 days ago
|
|
|
That's true except that if that session key is lost or exfiltrated, the scope of the breach is everything that key was used to encrypt (all of the user's data in your example). The other consideration is how to safely cache the data key? What if the cache is popped? |
|
|