Re: RE: PGP scripting...

From: Mark Reardon (riscorpat_private)
Date: Wed Jan 08 2003 - 12:59:05 PST

Next message: Valdis.Kletnieksat_private: "Re: PGP scripting..."

Previous message: Glenn_Everhartat_private: "RE: PGP scripting..."
Maybe in reply to: Glenn_Everhartat_private: "RE: PGP scripting..."
Next in thread: Andre Mariën: "Re: PGP scripting..."
Next in thread: Pavel Kankovsky: "Re: PGP scripting..."
Next in thread: David Wagner: "Re: PGP scripting..."
Next in thread: Elliott Mitchell: "Re: PGP scripting..."
Next in thread: David Wagner: "Re: PGP scripting..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I think Chris has the right idea. Confirm what threat vectors your are attempting to protect before developing the solution. 

For example, if your clients major issue is making sure backups, removed drives, and other maitenance functions for an external disk appliance (such as a Network Appliance Server) are protected from prying eyes, then the data keys must be kept off the drive array. Having them in the servers memory is acceptable.

If they are worried about people getting into the server and 'discovering' the sensitive data, explain the nature of encryption keys and that they are not raising the bar very far. They are just making it so that an attacker must find the keys and then attack the data. Keys are fairly easy to find since they are fairly random (most things on computers are not). In this event your client may be better off just locking down the system and not sacrificing performance.

As an aside, public encryption algorithms are cpu intensive and the resultant files will be larger than the originals. These both lead to additional cost. Another consideration for your customer.

I have enjoyed this thread. Good luck.

Mark

-------Original Message-------
From: Chris Matthews <chrisat_private>
Sent: 01/08/03 09:13 AM
To: 'Frank Knobbe' <fknobbeat_private>
Subject: RE: PGP scripting...

> 
> -----Original Message-----
From: Frank Knobbe [mailto:fknobbeat_private] 
....
>So once the data has been encrypted on that box, the statement "If the
>system is compromised, they have all the data they
> need to get all the data." is not true since all they can get is the
encrypted data.
....
>Regards,
>Frank


<snip>

I believe the original question involved more of a dynamic modification
of data on the machine's harddrive.  If this is the case, and automatic
encryption/decryption would require the public/private keys.

Another thought just occurred to me for Andrew:

Which key is being used to encrypt the data? If the public key is being
used (and bear with me; my pgp theory is foggy this morning :), then
technically anyone that has that public key can corrupt your encrypted
data.  If the private key was used, then anyone with the public key can
easily decrypt it.  This means that both keys need to be kept "secret",
or am I mistaken on this?

Perhaps you should propose to your client a reevaluation of what exactly
you're trying to protect and then try to find an encryption solution
that more closely matches your requirements.

Cheers,
Chris

>

Next message: Valdis.Kletnieksat_private: "Re: PGP scripting..."
Previous message: Glenn_Everhartat_private: "RE: PGP scripting..."
Maybe in reply to: Glenn_Everhartat_private: "RE: PGP scripting..."
Next in thread: Andre Mariën: "Re: PGP scripting..."
Next in thread: Pavel Kankovsky: "Re: PGP scripting..."
Next in thread: David Wagner: "Re: PGP scripting..."
Next in thread: Elliott Mitchell: "Re: PGP scripting..."
Next in thread: David Wagner: "Re: PGP scripting..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jan 08 2003 - 15:50:13 PST