Hacker News new | past | comments | ask | show | jobs | submit login

You're assuming a single piece of information has a single key-pair. E.g.:

  1. Obtain sensitive information
  2. Generate a new key-pair
  3. Encrypt with public key
  4. Store encrypted info
  5. Delete public key
  6. Use private key to decrypt when reading the data
It's also likely they they were using one key-pair to encrypt all of their data (or all of a specific type, e.g. one key-pair to encrypt all passwords). In this case, the public key would be needed to encrypt new data coming in.



No, I was thinking the latter, but the data should in that case be encrypted with the public key, which can be copied to the web-facing servers.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: