I got a good security one more ya.

Kent Borg kentborg at borg.org
Fri Mar 31 15:49:00 UTC 2006


On Fri, Mar 31, 2006 at 08:01:18AM +0100, curtis wrote:
> You should look into encrypting your data you need private as UNIX based
> permissions won't work really, well they do but 'root' on the other
> machine could easily read it.

Look carefully, however.

If you do good encryption with a really good passphrase/key, the key
will be hard to remember.  (By definition.  Any key which is easy to
remember has little entropy and could yield to a brute force key
search by a motivated foe with money.)

If you do have a good key and encryption, if you lose your key, you
are completely hosed.  There is no key recovery if you have a secure
system.

So there is the passphrase security/risk trade-off.  Reuse a password
you use everywhere else and your security won't be so good.


A second consideration is reliability.  If a normal disk volume has a
problem and slips a few bits, you can likely recover by running
"fsck".  fsck will go over the disk, look at the broken data, and try
to put it back together; a little bit like when your checkbook doesn't
balance, you go back and check things, and fix the error.

In the case of encryption there are two layers.  On the disk the data
is scrambled (so the bad guys can't read it), on top of that is the
encryption software and it presents us with a second layer, the
decrypted volume.  The relationship between the decrypted data and the
encrypted data is very carefully contrived to be very messy.  If an
error happens in the encrypted data (just one bit being flipped!) it
will spray across many unencrypted bits.  This makes the job of fsck
much harder and you could lose your data.

Disclaimer 1: I have not experimented with corrupting encrypted data
and seeing what happens and how lethal it is.  It might not be as bad
as I suggest, or it might be worse.

Disclaimer 2: I have not investigated the state of disk encryption to
know how much redundancy is built in specifically to deal with disk
corruption.  It is possible the problem I describe is much reduced if
you make the right encryption choice.


-kb




