Date: Mon, 17 May 1999 23:33:34 +0930 (CST) From: Kris Kennaway <kkennawa@physics.adelaide.edu.au> To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> Cc: Adam Shostack <adam@breakwater.homeport.org>, nr1@ihug.co.nz, freebsd-security@FreeBSD.ORG Subject: Re: secure backup Message-ID: <Pine.OSF.4.10.9905172327060.9205-100000@bragg> In-Reply-To: <37401CDF.CEFA8B53@vangelderen.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 17 May 1999, Jeroen C. van Gelderen wrote: > This feature has been available since PGP's early days. It uses PGP's > default symmetric cipher. Which is what? I don't have PGP handy here.. > > > If you assume PGP is available, why not just use it? Using bdes(1) in > > > this setup sounds way more complicated (thus error-prone) to me. > > > > There's no /need/ to use PGP in this step - clearly you could do anything you > > like with the local keys, such as printing them out, or storing them as > > plaintext (or keeping a constant key used for multiple backups). > > I realize that. But using bdes(1) when you have PGP available is not a > very good idea. Using bdes(1) actually never is a good idea because of > it's crappy key handling (no hashing). bdes(1) allows you to shoot > yourself in the foot without you realizing it. Can you elaborate on this? Apart from the fact that bdes expects keys to be given on the command line for non-interactive use (and not taken from a file, which should be an easy hack to make), what's wrong with it? > > If you use a random passphrase as in my suggestion then dictionary attacks are > > worthless and you're only vulnerable to an (expensive) brute force keyspace > > search. Encrypting the already encrypted stream doesn't buy you anything I can > > see, except the extra CPU time. But it's not a big deal. > > Uhm, a dose of reality here: how many people will pick random > passphrases of sufficient length? There is almost never reason to > disable SSH encryption. Yes, but the original problem related to a non-interactive tape backup. There is no reason to have the encryption key as a human-memorable phrase; on the contrary it's much better to make it a machine-generated random string of the sufficient length. Kris ----- "That suit's sharper than a page of Oscar Wilde witticisms that's been rolled up into a point, sprinkled with lemon juice and jabbed into someone's eye" "Wow, that's sharp!" - Ace Rimmer and the Cat, _Red Dwarf_ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.OSF.4.10.9905172327060.9205-100000>