From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Kris Kennaway <kkennawa@physics.adelaide.edu.au> Cc: Adam Shostack <adam@breakwater.homeport.org>, nr1@ihug.co.nz, freebsd-security@FreeBSD.ORG Subject: Re: secure backup Message-ID: <373FEC63.D579485D@vangelderen.org> References: <Pine.OSF.4.10.9905171213420.28148-100000@bragg>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway wrote: > > On Sun, 16 May 1999, Adam Shostack wrote: > > > You're worried about errors on the tape, I presume? You could > > pipe the output of pgp through something that does redundant > > encoding, such that errors on the tape are recoverable outside > > the tape. There are some direct tradeoffs that you can find > > between bloat and recoverability; as you add bits, your odds > > of being able to reconstruct increase. > > Pipe the output of dump or tar or whatever you're using through > bdes(1). You don't need the overhead of PGP unless you want a > trusted third party to read the backup without knowing the > encryption key. PGP provides a password based encryption mode, just use that, you will still benefit from PGPs compression and checksumming facilities. > Pass the data through three > rounds of bdes doing an encrypt, decrypt, followed by encrypt (with different > keys, of course) and you've got yourself 3DES, which bdes doesn't seem to do > natively. Make the keys random, and stick those in a PGP file if you like. If you assume PGP is available, why not just use it? Using bdes(1) in this setup sounds way more complicated (thus error-prone) to me. > Transport the data stream to the server using ssh -c none (no need for the > overhead of another encryption layer unless you're really paranoid) Just being cautious is enough. Adding a layer of SSH encryption will at least twarth offline dictionary attacks on the backup passphrase. Encryption is cheap, why disable it if you don't have to? Cheers, Jeroen -- Jeroen C. van Gelderen - jeroen@vangelderen.org - 0xC33EDFDE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?373FEC63.D579485D>