Re: [9fans] s3venti - Wilhelm B. Kloke

9fans - fans of the OS Plan 9 from Bell Labs
 help / color / mirror / Atom feed

From: "Wilhelm B. Kloke" <wb@arb-phys.uni-dortmund.de>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] s3venti
Date: Tue, 12 Feb 2008 09:26:09 +0000	[thread overview]
Message-ID: <slrnfr2huo.51k.wb@vestein.arb-phys.uni-dortmund.de> (raw)
In-Reply-To: <676c3c4f0802111449h7f9e0ae7h421ea563441c7b92@mail.gmail.com>

Richard Bilson <rcbilson@gmail.com> schrieb:
>> and an issue related to the
>> fact that we need to encrypt users' data.
>
> For the record, s3venti does encrypt blocks that it writes to S3. It
> uses a single key, making it rather vulnerable to dictionary attacks,
> but I haven't come up with a way to do better without changing the
> venti protocol. Suggestions are welcome.

Any sort of encryption which does not change the key from time to time
is not very secure. If the attacker has enough time, security is not easy
to get.

I propose to divide the files to store, e.g. into upper and lower 4bit
nibbles and put them into different places. In this case both halves are
likely to be less worthy for themselves, and much more difficult to
decipher, too.
--
Dipl.-Math. Wilhelm Bernhard Kloke
Institut fuer Arbeitsphysiologie an der Universitaet Dortmund
Ardeystrasse 67, D-44139 Dortmund, Tel. 0231-1084-257
PGP: http://vestein.arb-phys.uni-dortmund.de/~wb/mypublic.key

next prev parent reply	other threads:[~2008-02-12  9:26 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-02-11  4:19 Richard Bilson
2008-02-11  7:11 ` Skip Tavakkolian
2008-02-11 14:49 ` erik quanstrom
2008-02-11 16:39   ` Richard Bilson
2008-02-11 20:44     ` Bakul Shah
2008-02-12 11:44       ` Alf
2008-02-12 12:43         ` erik quanstrom
2008-02-11 22:34   ` Skip Tavakkolian
2008-02-11 22:49     ` Richard Bilson
2008-02-12  9:26       ` Wilhelm B. Kloke [this message]
2008-02-12 17:45       ` Steve Simon

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=slrnfr2huo.51k.wb@vestein.arb-phys.uni-dortmund.de \
    --to=wb@arb-phys.uni-dortmund.de \
    --cc=9fans@cse.psu.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).