Re: symmetric keys
Brought to you by:
thesun
Menu
▾
▴
Re: symmetric keys
|
From: Shachar S. <rsy...@sh...> - 2005-08-24 10:55:08
|
Tom Metro wrote: > If we presume that change is infrequent among the file set granted > and that storage is probably a less limited resource than CPU in many > cases, ok > I would expect keeping around a copy of the encrypted files to be a > win, and thus a popular approach among rsyncrypto users. Huh? If storage is cheap compared to CPU, wouldn't keeping around an extra 60 bytes file be better than decrypting said file from within the big file better? > (In an ideal scenario, you'd have encryption hardware, and you could > simply patch rsync to perform its differencing against an encrypted > version of the source file in memory. That would be extremely difficult, due to the way rsync works. >> ...it allows us to not store the RSA private key, which is sensitive >> information, on the machine that does the encryption. > > > Hmmm...is keeping the private key "private" really an advantage, given > the way rsyncrypto works? Not mandating it is an advantage. Whether it really does help in each and every scenario - I don't know. Bear in mind that rsyncrypto was designed to be a tool in the Lingnu online backup service (http://www.lingnu.com/backup.html). It is therefor that scenario that takes outmost precedence in allocating my personal time. If you can come up with a usage scenario that does not break the interface consistency, I'll be glad to put it in. >> ...the public key can be built from the private key, when encrypting >> either the private or the public RSA key can be given as afourth >> argument. > > > Even better. So that means a user who is looking for a practical > (rather than maximum) security environment may choose to ignore the > symmetric keys (if there was an option to turn them off) and use a > single private key for all operations. I'd start with this as the > basic model for rsyncrypto, while continuing to support the more > complex approaches for those who desire the greater security. Well, it's too late to "start with this as the basic model". Rsyncrypto is approaching it's 16th release. If you can come up with a way that will not change the meaning of all existing invocations, I'll gladly consider it. >> I have now, and rejected the notion :-). Feel free to try and convince >> me based on the newly gained knowledge. > > > I gave it a shot. Did it work? Frankly, I don't think that the this use scenario is a priority to me. Like I said, if you come up with a command line syntax that is compatible with the current one and does what you want, and then be willing to implement it, I believe I'll put it in. Shachar |
