275 ;;Quote: cryptographically seal an object with a key; self-authenticating, black box, new keys freely created or derived

275 ;;Quote: cryptographic seals are the first passive security mechanism; no restrictions on a client's access

275+;;Quote: an active security mechanism builds a security envelope between clients and storage; system administrators have full access

276 ;;Quote: a sealed object must be useless to someone without the keys; secrecy property

280 ;;Quote: with a threshold scheme can divide a datum into n pieces such that need any k pieces to reconstruct D

284 ;;Quote: should not protect lots of information with a single key; reduces vulnerability to cryptoanalytic successes and known-cleartext attacks

284 ;;Quote: the strength of a cryptographic system should match the duration of the secret information

284 ;;Quote: the value of information protected by encryption should be much less than the cost of decryption

284 ;;Quote: shouldn't unnecessarily divulge information, e.g., public keys should remain secret from non-users

285 ;;Quote: with seals, users don't have to trust the computer system and its administrators, and can freely distribute; good for distributed systems