smime.p7sDescription: S/MIME Cryptographic Signature
|
| From: | Ulf Ochsenfahrt |
| Subject: | Re: [Monotone-devel] netsync transport encryption? |
| Date: | Wed, 25 Oct 2006 16:29:30 +0200 |
| User-agent: | Thunderbird 1.5.0.7 (X11/20060927) |
Jeronimo Pellegrini wrote:
If you can label computers as "trusted" and "posibly hostile", then you can encrypt the database -- and never checkout or have the clear version on the hostile hosts. You would only decrypt it in trusted hosts where you'd keep your workspace. A solution based on communication encryption works also, but then you would have all hosts as "possibly hostile". It depends on your needs. My point is that if you encrypt the database, encrypting the channel is not necessary (because the diffs are sent encrypted already), and you can use plain netsync.
Not true. Encrypting the database and encrypting the channel solve different problems. And encrypting the database isn't the golden bullet you seem to assume it to be.
If you put an encrypted database on an untrusted host, you still have several problems:
1. the host knows that there is a database 2. the host can log all communication in both directions 3. the host can corrupt the databaseEncrypting the connection helps against accidental or willfull evesdroppers. (Though they still know that you did communicate.) If you don't encrypt the connection, evesdroppers also know:
1. what you do (monotone sync) 2. how many revisions 3. revision idsAnd then there's authentication. monotone already authenticates users so you can disallow (or allow) certain users to read and/or write from the database.
There are also problems with citing Bruce Schneier's "Applied Cryptography". Mr. Schneier himself has actually called mixed feelings about that book (go read "Beyond Fear" if you don't believe me).
Now, I've got Applied Cryptography as well, and I have Beyond Fear and Secrets and Lies, and I've actually read them. ;) The problem I see with encrypting the database or the connection is that it's so damn easy to make just a tiny programming mistake and fuck everything up (see ssh for example). And then for the sake of backwards compatibility, you have to keep it that way. For an encrypted connection, I'd much rather trust ssh and/or ssl tunnels. ssh/ssl has had a lot of eyes looking at it, which you can see from the fact that security issues _have_ been found.
That said, I am against having connection encryption (and all its overhead) in monotone. (On a side-note, I'd find it good if monotone could use gpg for signing and authentication. gpg is well-known and well-looked-at. Of course, it would add an external dependency, unfortunately.)
Cheers, -- Ulf
smime.p7s
Description: S/MIME Cryptographic Signature
| [Prev in Thread] | Current Thread | [Next in Thread] |