Hacker News
by e12e 4693 days ago
Lavabit's original architecture only stores an encrypted version of the private key needed to decrypt the messages. The private key is encrypted with the user's password, and they don't store this password in plain text.

However, if you could intercept this password, and already got a copy of the encrypted private key as well as the encrypted data from Lavabit, you could then decrypt the data.

Presumably Lavabit didn't want to back door their services, by either storing a copy of the session keys, the password, or the plain text -- and chose to shut down instead.