From owner-freebsd-security  Mon May 17  3:16:18 1999
Delivered-To: freebsd-security@freebsd.org
Received: from schuimpje.snt.utwente.nl (schuimpje.snt.utwente.nl [130.89.238.4])
	by hub.freebsd.org (Postfix) with ESMTP id 01F7A14A2F
	for <freebsd-security@FreeBSD.ORG>; Mon, 17 May 1999 03:16:16 -0700 (PDT)
	(envelope-from jeroen@vangelderen.org)
Received: from wit395301.student.utwente.nl ([130.89.235.121]:35597 "EHLO vangelderen.org" ident: "NO-IDENT-SERVICE[2]") by schuimpje.snt.utwente.nl with ESMTP id <8020-32302>; Mon, 17 May 1999 12:15:58 +0200
Message-ID: <373FEC63.D579485D@vangelderen.org>
Date:	Mon, 17 May 1999 12:16:03 +0200
From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
X-Mailer: Mozilla 4.51 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Kris Kennaway <kkennawa@physics.adelaide.edu.au>
Cc: Adam Shostack <adam@breakwater.homeport.org>, nr1@ihug.co.nz,
	freebsd-security@FreeBSD.ORG
Subject: Re: secure backup
References: <Pine.OSF.4.10.9905171213420.28148-100000@bragg>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Kris Kennaway wrote:
> 
> On Sun, 16 May 1999, Adam Shostack wrote:
> 
> > You're worried about errors on the tape, I presume?  You could
> > pipe the output of pgp through something that does redundant 
> > encoding, such that errors on the tape are recoverable outside 
> > the tape.  There are some direct tradeoffs that you can find 
> > between bloat and recoverability; as you add bits, your odds 
> > of being able to reconstruct increase.
> 
> Pipe the output of dump or tar or whatever you're using through 
> bdes(1). You don't need the overhead of PGP unless you want a 
> trusted third party to read the backup without knowing the 
> encryption key. 

PGP provides a password based encryption mode, just use that, you will
still benefit from PGPs compression and checksumming facilities.

> Pass the data through three
> rounds of bdes doing an encrypt, decrypt, followed by encrypt (with different
> keys, of course) and you've got yourself 3DES, which bdes doesn't seem to do
> natively. Make the keys random, and stick those in a PGP file if you like.

If you assume PGP is available, why not just use it? Using bdes(1) in
this setup sounds way more complicated (thus error-prone) to me.

> Transport the data stream to the server using ssh -c none (no need for the
> overhead of another encryption layer unless you're really paranoid) 

Just being cautious is enough. Adding a layer of SSH encryption will at
least twarth offline dictionary attacks on the backup passphrase.
Encryption is cheap, why disable it if you don't have to?

Cheers,
Jeroen
-- 
Jeroen C. van Gelderen - jeroen@vangelderen.org - 0xC33EDFDE


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message