pgpfan:agevspgp
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
pgpfan:agevspgp [2021/07/13 16:30] – [Encrypted Backups] Clearer and to the point b.walzer | pgpfan:agevspgp [2021/12/30 23:01] (current) – [File Substitution] Typo. b.walzer | ||
---|---|---|---|
Line 44: | Line 44: | ||
To be clear, " | To be clear, " | ||
- | Here is what this would look like in practice using the example of a single flipped bit near the start of the encrypted file. First age: | + | Here is what this would look like in practice using the example of a single flipped bit((Please note that the single flipped bit here is not a realistic example and that in practice damage tends to encompass one or more media blocks. Such blocks tend to be multiples of 512 bytes. Often the blocks are entirely missing.)) |
$ age -d -i key.txt -o totc_out.txt totc.txt.age | $ age -d -i key.txt -o totc_out.txt totc.txt.age | ||
Line 83: | Line 83: | ||
At this point you might want to consider how often longer term backups end up with bad sections. Then consider how many attackers exist with sufficient skill, combined with sufficient knowledge of the organization and content of your backups to do reliable changes. Attackers that are willing to have their efforts revealed after the first attempt. This would seem to be where OpenPGP is superior to age. | At this point you might want to consider how often longer term backups end up with bad sections. Then consider how many attackers exist with sufficient skill, combined with sufficient knowledge of the organization and content of your backups to do reliable changes. Attackers that are willing to have their efforts revealed after the first attempt. This would seem to be where OpenPGP is superior to age. | ||
- | ====Signed Backups==== | + | The ultimate point here is that " |
+ | |||
+ | ====File Substitution==== | ||
+ | |||
+ | Public key encryption has a generic consideration that is quite relevant here. Anyone with access to the public key can easily create a file that will pass any file modification tests ... because after all //that// file has not been modified after creation. You can try to keep the public key secret but a public key design does not guarantee that the public key can not be derived from the encrypted material. That guarantee only applies to the secret key. So an attacker can skip the bother of attempting to overcome the authentication and just replace the file with whatever they want. | ||
+ | |||
+ | The traditional fix for this weakness is to cryptographically sign the file ... and, once again, age does not do signatures. An age user would need to go through the process of finding a separate signing utility and would have to apply it correctly while using a separate signature file. A GnuPG user would only have to add a '' | ||
- | Doing backups in this way means that you have to keep the public key secret((There is no hard guarantee that the public key can not be derived from the encrypted material somehow. The guarantee is that the //private// key can not be derived in this sort of system)). Otherwise an attacker could replace something like a backup with a completely new file that would pass the integrity check(s). If the public key can not be kept secret then the backup would have to be signed. That would be as simple as adding a '' | ||
=====Conclusion===== | =====Conclusion===== |
pgpfan/agevspgp.1626193806.txt.gz · Last modified: 2021/07/13 16:30 by b.walzer