From mboxrd@z Thu Jan 1 00:00:00 1970 To: 9fans@cse.psu.edu Date: Tue, 12 Feb 2008 09:26:09 +0000 From: "Wilhelm B. Kloke" Message-ID: References: <9f69e5c07b90abc5a43f9031921adcb9@9netics.com>, <676c3c4f0802111449h7f9e0ae7h421ea563441c7b92@mail.gmail.com> Subject: Re: [9fans] s3venti Topicbox-Message-UUID: 508b695c-ead3-11e9-9d60-3106f5b1d025 Richard Bilson schrieb: >> and an issue related to the >> fact that we need to encrypt users' data. > > For the record, s3venti does encrypt blocks that it writes to S3. It > uses a single key, making it rather vulnerable to dictionary attacks, > but I haven't come up with a way to do better without changing the > venti protocol. Suggestions are welcome. Any sort of encryption which does not change the key from time to time is not very secure. If the attacker has enough time, security is not easy to get. I propose to divide the files to store, e.g. into upper and lower 4bit nibbles and put them into different places. In this case both halves are likely to be less worthy for themselves, and much more difficult to decipher, too. -- Dipl.-Math. Wilhelm Bernhard Kloke Institut fuer Arbeitsphysiologie an der Universitaet Dortmund Ardeystrasse 67, D-44139 Dortmund, Tel. 0231-1084-257 PGP: http://vestein.arb-phys.uni-dortmund.de/~wb/mypublic.key