Re: Problems compiling loop-aes 2.1c

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bodo Staron wrote:
> Now, I did some of the examples and everything works nicely. I still
> have one question about security. Let's assume I use multi-key mode,
> like in "7.2. Example 2 - Partition backed loop with gpg
> encrypted key file".
> 
> The key file is on that server. Isn't that a huge security risk, like
> when your private PGP key leaks out? What if someone get's access to
> that gpg keyfile?

Examples in loop-AES README use symmetric cipher only to encrypt the key
file, but nothing prevents you from using public key crypto to encrypt the
key file.

Attacker still need to know the passphrase that protects the key file or
private key keyring. As long as attacker does not have that, key file
contents are protected. Best solution is to store key file on removable
USB memory stick.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux