ietf-openpgp

Re: [openpgp] 4880bis: Update S2K

2015-04-30 03:07:06
On Wed, 29 Apr 2015 16:18, coruus(_at_)gmail(_dot_)com said:
> I think that both I and Tom Ritter have previously linked to Adam Langley's
> post on this: Doing this right requires 'packetizing' data and computing

IIRC, that is about "cat foo | decrypt | tar xf -"

There are a lot of reasons why storing data on a system may fail.  It does
not help if you are notified early about tampered data instead of
checking that after having processed all data.  For example an attacker
might tamper with the last blocks of the data and your intermittent
checks won't help at all.

Using Unix tools requires workmanship.  Unix is a set of tools which are
very powerful if used right.  For example, for using the above quoted
pipeline you need to make sure of several things: For example, is your tar
safe and does it not follow ".." file name parts.  Of course you unpack
into a freshly created subdirectory to avoid cluttering the current
directory.  You need to check that all tools finished with success, have
all kinds of extra checks applied to verify signatures during "decrypt",
and only then do the mv dance to replace old data by the freshly untarred
one.

Remember: Unix is user-friendly; it is just picky with whom it chooses
to be friends.

I would also like to have a random access encrypted data format option
but I doubt that this should be the goal of OpenPGP.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
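
The procedure described in the message above (fresh subdirectory, check that every tool succeeded, reject ".." names, only then the mv dance), sketched as a shell function. This is an added example, not part of the original post: `safe_unpack` and `has_unsafe_name` are hypothetical names, the decrypt command passed in is assumed to exit non-zero when decryption or signature verification fails, and only member names are checked (not symlinks inside the archive).

```shell
#!/usr/bin/env bash
# Added example; safe_unpack and has_unsafe_name are hypothetical names.

# Succeeds if any member name on stdin is absolute or has a ".." component.
has_unsafe_name() {
    grep -Eq '^/|(^|/)\.\.(/|$)'
}

# safe_unpack DEST CMD [ARGS...]
# CMD must write the decrypted tar stream to stdout and exit non-zero if
# decryption or signature verification fails (assumption about the caller).
safe_unpack() {
    local dest stage
    dest=$1; shift
    stage=$(mktemp -d "$(dirname -- "$dest")/.unpack.XXXXXX") || return 1
    mkdir "$stage/tree" || { rm -rf -- "$stage"; return 1; }

    # 1. Let the decrypt step run to completion and check its exit status
    #    before using any output; tampering in the last blocks is only
    #    reported at the very end of the stream.
    if ! "$@" > "$stage/plain.tar"; then
        rm -rf -- "$stage"; return 2
    fi

    # 2. Refuse archives whose member names could escape the target directory.
    if ! tar -tf "$stage/plain.tar" > "$stage/names" ||
       has_unsafe_name < "$stage/names"; then
        rm -rf -- "$stage"; return 3
    fi

    # 3. Unpack into the freshly created subdirectory only.
    if ! tar -xf "$stage/plain.tar" -C "$stage/tree"; then
        rm -rf -- "$stage"; return 4
    fi

    # 4. The mv dance: move old data aside, move the new tree into place.
    if [ -e "$dest" ] && ! mv -- "$dest" "$stage/old"; then
        rm -rf -- "$stage"; return 5
    fi
    if ! mv -- "$stage/tree" "$dest"; then
        [ -e "$stage/old" ] && mv -- "$stage/old" "$dest"   # roll back
        rm -rf -- "$stage"; return 5
    fi
    rm -rf -- "$stage"      # drops the spool file and the old data
}
```

The staging directory is created next to DEST so that both `mv` calls are renames on the same filesystem.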