Re: [openpgp] 4880bis: Update S2K

Werner Koch <wk@gnupg.org> Thu, 30 April 2015 08:06 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3D5C1ACEF8 for <openpgp@ietfa.amsl.com>; Thu, 30 Apr 2015 01:06:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ht7bl4tCjadX for <openpgp@ietfa.amsl.com>; Thu, 30 Apr 2015 01:06:51 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [217.69.77.222]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D9A751ACEFA for <openpgp@ietf.org>; Thu, 30 Apr 2015 01:06:45 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1YnjUa-0006Vx-2j for <openpgp@ietf.org>; Thu, 30 Apr 2015 10:06:44 +0200
Received: from wk by vigenere.g10code.de with local (Exim 4.84 #3 (Debian)) id 1YnjPL-0000FO-Qb; Thu, 30 Apr 2015 10:01:19 +0200
From: Werner Koch <wk@gnupg.org>
To: David Leon Gil <coruus@gmail.com>
References: <5527B621.3040104@cs.tcd.ie> <877ftkqhr4.fsf@vigenere.g10code.de> <alpine.GSO.1.10.1504101556210.22210@multics.mit.edu> <CAA7UWsVTF4tgvaE+S4++JDHy7eHu6Kbus7RTX793pvDLHowm1g@mail.gmail.com> <87egnbs4fp.fsf@vigenere.g10code.de> <5538A5A9.2020703@polimi.it> <CAOyHO0zutrEZBp0UgA1+10kEvvDw2QWcM3gEkn-FrignoP_nvA@mail.gmail.com> <CAOyHO0wvYVciTVbb0HF+qvE7d3ar=Z2+TcsHcsKErb9gmZ=g6w@mail.gmail.com> <2F8871E0-3DF9-4EF3-A136-5F104BF7307F@callas.org> <9A043F3CF02CD34C8E74AC1594475C73AB0075D3@uxcn10-tdc05.UoA.auckland.ac.nz> <6EAE2413-E6BD-41EB-9A0D-9A56EB18B07B@callas.org> <87mw1sbusl.fsf@vigenere.g10code.de> <553FC996.3010500@googlemail.com> <87618g83v4.fsf@vigenere.g10code.de> <553FF387.9000501@googlemail.com> <CAA7UWsXHkzpPmB5ZKewt3_VwyWtumsG0FF1AtBh_4O1zM90GHA@mail.gmail.com> <87wq0v794r.fsf@vigenere.g10code.de> <sjmbni72fj7.fsf@securerf.ihtfp.org> <CAA7UWsWgeV654fhqeuuJ8+RADfVj1AcprdYqqntdWd5B1j94YQ@mail.gmail.com>
Organisation: g10 Code GmbH
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
OpenPGP: id=F2AD85AC1E42B367; url=finger:wk@g10code.com
Mail-Followup-To: David Leon Gil <coruus@gmail.com>, Derek Atkins <derek@ihtfp.com>, Nils Durner <ndurner@googlemail.com>, "alessandro.barenghi\@polimi.it" <alessandro.barenghi@polimi.it>, "openpgp\@ietf.org" <openpgp@ietf.org>, Jon Callas <jon@callas.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>
Date: Thu, 30 Apr 2015 10:01:19 +0200
In-Reply-To: <CAA7UWsWgeV654fhqeuuJ8+RADfVj1AcprdYqqntdWd5B1j94YQ@mail.gmail.com> (David Leon Gil's message of "Wed, 29 Apr 2015 14:18:19 +0000")
Message-ID: <878uda59kg.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/oLz_mOlyVvFLXmBhQWcx0nosjsM>
Cc: Nils Durner <ndurner@googlemail.com>, "alessandro.barenghi@polimi.it" <alessandro.barenghi@polimi.it>, "openpgp@ietf.org" <openpgp@ietf.org>, Jon Callas <jon@callas.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, Derek Atkins <derek@ihtfp.com>
Subject: Re: [openpgp] 4880bis: Update S2K
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Apr 2015 08:06:53 -0000

On Wed, 29 Apr 2015 16:18, coruus@gmail.com said:
> I think that both I and Tom Ritter have previously linked to Adam Langley's
> post on this: Doing this right requires 'packetizing' data and computing

IIRC, that is about "cat foo | decrypt | tar xf -"

There are lot of reasons why storing data on a system may fail.  It does
not help if you are early notified about tampered data instead of
checking that after having processed all data.  For example an attacker
might tamper with the last blocks of the data and your intermittent
checks won't help at all.

Using Unix tools requires workmanship.  Unix is a set of tools which are
very powerful if used right.  For example for using above quoted
pipeline you need to make sure several things: For example, is your tar
safe and does not follow ".." file name parts.  Of course you unpack
into a freshly created subdirectory to avoid cluttering the current
directory.  You need to check that all tools finished with success, have
all kind of extra checks applied to verify signatures during "decrypt",
and only then to the mv dance to replace old data by the freshly untared
one.

Remember: Unix is a user-friendly; it is just picky with whom it chooses
to be friends.

I would also like to a have a random access encrypted data format option
but I doubt that this should be the goal of OpenPGP.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.