Re: Encrypted remote backups & issues

At 12:43 Uhr -0400 19.09.2003, Michael Richardson wrote:
  And, you'd like them encrypted on the remote system, not just protected
between local and remote systems?

Yes. It's about doing backups from my single most trusted machine, too, so I must completely prevent any sensitive information from leaving this machine unencrypted.


    Christian> 2. I realize that cryptoloop does not use checksums/signatures
    Christian> at all. Of course that means that an attacker can easily
    Christian> destroy my backup volume while in transit or while stored on
    Christian> the (broken in) backup server in subtle ways, so that I won't

  That's where the NFS underlying layer to a large file might be a better
choice than NBD.

It's not any different regarding secure cryptographic hashes than NBD - I even think they *both* need a secure transport layer (ssh tunnel or ipsec) to give any reliability against modification while in transit. And regardless of this, if I can't trust the server, I need crypto hashes with the key *I* am using in the encryption part of the archive -> which means inside crypto-loop. If crypto-loop does encryption but not encrypted checksums, there's basically no way to add that back in later. One could create signatures of the whole *encrypted* data and encrypt that signature ex post (with the same key being used by crypto-loop), *but* if I don't store the encrypted data on a trusted host, I can't create a trusted signature there either. So the signature must be generated before the data leaves the trusted machine - and since data leaves the machine in blocks that only crypto-loop and nbd know about, checksumming must be built into nbd or crypto-loop. Of course the latter would be the preferred way.


Now, independently of the above security considerations, do you mean that accessing a large file through NFS for crypto-loop purposes is going to be more stable than accessing it through NBD? Both NFS and NBD are in the kernel, and while NBD is *meant* to deliver block devices accessible by other kernel code, NFS files are meant to be accessed from userspace, so I have some doubt as to whether NFS files would be less prone to deadlocks when used for crypto-loop.

Christian.
-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
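The point Christian makes above (encryption alone lets an attacker on the backup server alter blocks undetectably; a keyed checksum has to be computed per block, on the trusted machine, before the data leaves) is illustrated by the following added example. It is not code from the thread or from cryptoloop: the "cipher" is HMAC-SHA256 in counter mode standing in for the loop device's block cipher, and the key-derivation labels, block contents and record layout are this example's own assumptions.

```python
"""Per-block encrypt-then-MAC for a backup volume stored on an untrusted host.
Added illustration, not cryptoloop code. The cipher is a stand-in."""
import hashlib
import hmac
import secrets

BLOCK_SIZE = 512   # loop-device sector size
TAG_SIZE = 32      # HMAC-SHA256 output


def derive_keys(master_key):
    """Split the one secret that stays on the trusted machine into an encryption
    key and a separate MAC key (the labels are this example's own choice)."""
    enc_key = hmac.new(master_key, b"block-encryption", hashlib.sha256).digest()
    mac_key = hmac.new(master_key, b"block-authentication", hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream(enc_key, block_index, length):
    """Stand-in stream cipher (HMAC in counter mode), keyed per block index."""
    out, counter = bytearray(), 0
    while len(out) < length:
        msg = block_index.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hmac.new(enc_key, msg, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block_unauthenticated(enc_key, block_index, plaintext):
    """What a confidentiality-only loop cipher gives you: ciphertext, no tag."""
    return _xor(plaintext, _keystream(enc_key, block_index, len(plaintext)))


def decrypt_block_unauthenticated(enc_key, block_index, ciphertext):
    # Accepts *any* ciphertext without complaint; a bit flip here is a bit flip there.
    return _xor(ciphertext, _keystream(enc_key, block_index, len(ciphertext)))


def _tag(mac_key, block_index, ciphertext):
    # The block index is authenticated too, so a block cannot be moved to another offset.
    return hmac.new(mac_key, block_index.to_bytes(8, "big") + ciphertext, hashlib.sha256).digest()


def encrypt_block_authenticated(master_key, block_index, plaintext):
    """Encrypt-then-MAC on the trusted machine; the stored record grows by TAG_SIZE."""
    enc_key, mac_key = derive_keys(master_key)
    ct = encrypt_block_unauthenticated(enc_key, block_index, plaintext)
    return ct + _tag(mac_key, block_index, ct)


def decrypt_block_authenticated(master_key, block_index, record):
    """Verify before decrypting; raise rather than hand back corrupted plaintext."""
    enc_key, mac_key = derive_keys(master_key)
    ct, tag = record[:-TAG_SIZE], record[-TAG_SIZE:]
    if not hmac.compare_digest(tag, _tag(mac_key, block_index, ct)):
        raise ValueError(f"block {block_index}: authentication failed")
    return decrypt_block_unauthenticated(enc_key, block_index, ct)


def demo():
    """Constructed scenario: two metadata blocks, an attacker on the backup server."""
    master_key = secrets.token_bytes(32)          # never leaves the trusted machine
    enc_key, _ = derive_keys(master_key)
    block0 = b"owner:root    mode:0600".ljust(BLOCK_SIZE, b"\x00")   # constructed
    block1 = b"owner:mallory mode:0777".ljust(BLOCK_SIZE, b"\x00")   # constructed
    results = {}

    # 1. Confidentiality only: flipping the low bit of ciphertext byte 6 turns
    #    "owner:root" into "owner:soot" and nothing notices.
    ct0 = bytearray(encrypt_block_unauthenticated(enc_key, 0, block0))
    ct0[6] ^= 0x01
    results["unauth_tampered"] = decrypt_block_unauthenticated(enc_key, 0, bytes(ct0))

    # 2. Encrypt-then-MAC: the same bit flip is rejected ...
    rec0 = bytearray(encrypt_block_authenticated(master_key, 0, block0))
    rec0[6] ^= 0x01
    try:
        decrypt_block_authenticated(master_key, 0, bytes(rec0))
        results["auth_tamper_detected"] = False
    except ValueError:
        results["auth_tamper_detected"] = True

    # 3. ... and so is presenting block 1's genuine record at offset 0.
    rec1 = encrypt_block_authenticated(master_key, 1, block1)
    try:
        decrypt_block_authenticated(master_key, 0, rec1)
        results["auth_relocation_detected"] = False
    except ValueError:
        results["auth_relocation_detected"] = True

    # 4. Untouched records still round-trip.
    good = encrypt_block_authenticated(master_key, 0, block0)
    results["auth_roundtrip_ok"] = decrypt_block_authenticated(master_key, 0, good) == block0
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value if isinstance(value, bool) else value[:23])
```

Two practical consequences follow from the code. Each 512-byte sector becomes a 544-byte record, so the on-disk geometry changes; that is the concrete reason the checksum cannot be bolted on from outside and has to live in the layer that sees the blocks (crypto-loop or nbd), as the message argues. And a per-block MAC over (index, ciphertext) with a static key does not detect rollback of a single block to an older, genuinely authenticated version of itself; catching that needs a per-block version counter or a hash tree whose root is kept on the trusted side.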

