Hacker News

rkangel, today at 1:34 PM

It's a whole lot easier to store the keys in a special hardened location than it is to store your whole storage.


Replies

ozlikethewizard, today at 2:28 PM

Right, but access to those keys will be available in an unhardened location then? Otherwise you're serving encrypted data. So if the system accessing the data and using the keys is compromised, which we can assume is the case if the data is compromised, then access to the keys is as well?

Maybe I'm being an idiot, but it seems like a lot of extra complexity to protect against really only physical attacks where someone directly steals the data storage.