Date: Wed, 3 May 2000 10:33:32 -0500 (EST) From: "Andrew J. Korty" <ajk@iu.edu> To: security@freebsd.org Subject: Cryptographic dump(8) Message-ID: <Pine.BSF.4.21.0005031019190.21805-100000@kobayashi.uits.iupui.edu>
next in thread | raw e-mail | index | archive | help
I've just extended dump(8) and restore(8) to encipher dump lists and inode data with CBC 3DES, leaving the headers as cleartext. Keys can be entered from the tty or a cleartext file. The purpose is to safely transport and store dumps containing sensitive data. The question: what is the best way to verify a key handed to restore(8) to decipher a dump? My best thought so far is to store a checksum for the dumplist, which is just a bitmap of inodes on the tape, in its header. When restore tries to decipher the dumplist it will run its own checksum and compare. -- Andrew J. Korty, Lead Security Engineer Office of the Vice President for Information Technology Indiana University To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0005031019190.21805-100000>