Re: Encrypted remote backups & issues
At 12:43 -0400 on 19.09.2003, Michael Richardson wrote:
> And, you'd like them encrypted on the remote system, not just protected
> between local and remote systems?
Yes. It's about doing backups from my single most trusted machine,
too, so I must completely prevent any sensitive information from
leaving this machine unencrypted.
> Christian> 2. I realize that cryptoloop does not use checksums/signatures
> Christian> at all. Of course that means that an attacker can easily
> Christian> destroy my backup volume while in transit or while stored on
> Christian> the (broken in) backup server in subtle ways, so that I won't
>
> That's where the NFS underlying layer to a large file might be a better
> choice than NBD.
It's no different from NBD regarding secure cryptographic hashes
- I even think they *both* need a secure transport layer (ssh tunnel
or ipsec) to give any reliability against modification while in
transit. And regardless of this, if I can't trust the server, I
need crypto hashes with the key *I* am using in the encryption part
of the archive -> which means inside crypto-loop. If crypto-loop does
encryption but not encrypted checksums, there's basically no way to
add that back in later. One could create signatures of the whole
*encrypted* data and encrypt that signature ex post (with the same
key being used by crypto-loop), *but* if I don't store the encrypted
data on a trusted host, I can't create a trusted signature there
either. So the signature must be generated before the data leaves the
trusted machine - and since data leaves the machine in blocks that
only crypto-loop and nbd know about, checksumming must be built into
nbd or crypto-loop. Of course the latter would be the preferred way.
Now, independently of the above security considerations, do you mean
that accessing a large file through NFS for crypto-loop purposes is
going to be more stable than accessing it through NBD? Both NFS and
NBD are in the kernel, and while NBD is *meant* to deliver block
devices accessible by other kernel code, NFS files are meant to be
accessed from userspace, so I have some doubt as to whether NFS files
would be less prone to deadlocks when used for crypto-loop.
Christian.
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
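The design point Christian makes above (a keyed checksum must be computed per block, on the trusted machine, with a key the backup server never sees, because encryption alone lets an untrusted server alter stored blocks undetectably) can be illustrated in code. The following is an added example, not code from this thread, from cryptoloop or from nbd. It assumes a stand-in block cipher (HMAC-SHA256 in counter mode keyed by block index, standing in for the loop device's cipher) and appends a per-block HMAC tag computed over the ciphertext in encrypt-then-MAC order. It goes slightly beyond the message by also binding the tag to the block index, so a block copied to another position is rejected as well as a block whose bytes were changed. The `corruption_report` helper is a constructed scenario: it flips one bit in a stored block and shows that the unauthenticated layer silently returns one corrupted byte, while the authenticated layer refuses the block.

```python
import hmac
import hashlib
import struct

TAG_SIZE = 32  # HMAC-SHA256 tag appended to every stored block


def derive_keys(master_key: bytes):
    """Derive independent encryption and authentication keys from one master key.
    Assumed: a minimal HMAC-based KDF; a production system would use HKDF."""
    enc_key = hmac.new(master_key, b"backup-encrypt", hashlib.sha256).digest()
    mac_key = hmac.new(master_key, b"backup-authenticate", hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream(enc_key: bytes, block_index: int, length: int) -> bytes:
    """Stand-in cipher: HMAC-SHA256 in counter mode, nonce = block index.
    It plays the role of the loop device's cipher here; it is not cryptoloop's code,
    and reusing the same keystream for rewrites of a block would be unsafe in practice."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, struct.pack(">QQ", block_index, counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def seal_block(master_key: bytes, block_index: int, plaintext: bytes) -> bytes:
    """Encrypt one block on the trusted machine and append a tag over the
    *ciphertext* plus the block index (encrypt-then-MAC). Only the holder of
    master_key can produce a valid tag, so the backup server cannot forge one."""
    enc_key, mac_key = derive_keys(master_key)
    ciphertext = _xor(plaintext, _keystream(enc_key, block_index, len(plaintext)))
    tag = hmac.new(mac_key, struct.pack(">Q", block_index) + ciphertext, hashlib.sha256).digest()
    return ciphertext + tag


def open_block(master_key: bytes, block_index: int, sealed: bytes):
    """Verify the tag before decrypting. Returns the plaintext, or None if the
    block was modified in transit/storage or moved to a different position."""
    enc_key, mac_key = derive_keys(master_key)
    if len(sealed) < TAG_SIZE:
        return None
    ciphertext, tag = sealed[:-TAG_SIZE], sealed[-TAG_SIZE:]
    expected = hmac.new(mac_key, struct.pack(">Q", block_index) + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor(ciphertext, _keystream(enc_key, block_index, len(ciphertext)))


def decrypt_unauthenticated(master_key: bytes, block_index: int, sealed: bytes) -> bytes:
    """What an encryption-only layer without checksums does: decrypt and trust
    whatever came back from the server. Included only to show what goes undetected."""
    enc_key, _ = derive_keys(master_key)
    ciphertext = sealed[:-TAG_SIZE]
    return _xor(ciphertext, _keystream(enc_key, block_index, len(ciphertext)))


def corruption_report(master_key: bytes, block_index: int, plaintext: bytes, flip_offset: int) -> dict:
    """Constructed scenario: flip a single bit of the stored ciphertext and compare
    how the two layers react. Not a measurement of any real system."""
    sealed = bytearray(seal_block(master_key, block_index, plaintext))
    sealed[flip_offset] ^= 0x01
    sealed = bytes(sealed)
    silent = decrypt_unauthenticated(master_key, block_index, sealed)
    differing = [i for i, (p, s) in enumerate(zip(plaintext, silent)) if p != s]
    return {
        "unauthenticated_bytes_changed": differing,  # exactly one byte, with no error
        "authenticated_result": open_block(master_key, block_index, sealed),  # None
    }


if __name__ == "__main__":
    key = b"k" * 32                   # constructed demo master key
    block = bytes(range(256)) * 16    # constructed 4096-byte block
    print(corruption_report(key, 7, block, 100))
```

The tag is computed on the trusted machine before the block is handed to the transport, which is exactly the ordering the message argues for: a server that never sees `master_key` can neither forge a tag for a modified block nor re-sign a block it has moved, and verification happens on read-back with the same key.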