> "Tim O'Callaghan" <[EMAIL PROTECTED]> writes: > > > If the UK government wanted info from my machine, they > would come and > > take my machine. Hmm... Have to think about what would > happen if someone > > > > stole my machine... But anyway the threat model here is domestic. > > Ok, so you're talking about your neighbor, which about the > same number of resources as you have... Ok.. > > > Depends... Approx how many transmissions do you need to > have a crack > > at a long term key? > > Probably on the order of 2^80 (give or take) for a 3des/aes > long-term key... Note that this happens about once every 10 > hours per user, so isn't very likely. > > The "AFS long-term key" is used for each RX connection at > connection setup time. This, unfortunately, is a 1DES key so > it only needs about 2^50 (give or take) connection setups -- > however that doesn't happen very frequently, either. > > Then there is the "AFS Session Key", which is used to > authenticate and encrypt the data. This key is only valid > for 8-10 hours and is again a 1DES size key. How much data > are you sending in 8-10 hours? >
So what you're saying is i might expect trouble in say 1,285 billion years? > Also, how much computation power do you expect your neighbor to have? > I'm assuming my neighbour doesn't have access to a large node Beowulf cluster, quantum computer, or advanced alien technology... yet :) > > > This depends on your actual threat model. Could the NSA do > > > it? Yea. But they could also do it with SSL, too ;) > > > Could your neighbor? HIGHLY unlikely. > > My neighbour represents a constant threat, as they will be > there for > > the long term, and hence have much more of an opportunity to have a > > crack at it. Would they? no idea. > > Could they? assuming i patch regularily, as you say highly > unlikley. But > > in general, i prefer to be on the moderate side of > paranoid, more of a > > hobby than a career :) > > See, that appears to be your problem.. No offense, but > you're being paranoid without actually understanding the risks. :( > True, which is why I asked. Sorry if it started to wander off topic, but I wanted to know if AFS would encrypt the file the during transfer "out of the box". For my current application, a secure authentication scheme is needed, but if the file isn't secured during transfer then it becomes pointless. > > By my way of thinking (again I'm only a layman) they'd have to crack > > my SSL and then have a crack at openAFS & Kerberos(?) > > Nope, it doesn't work that way. They can just collect all > your traffic and work on it later. Once they break your SSL > key they go back and have all your other data in storage -- > so now they go an work on that. > I had assumed this. I mentioned it because i thought it would serve to encrypt actual file transfer. The fact it would increase the time needed to gain access by another hundred billion years or so, is a bonus. > ALL of this is extremely unlikely. I would bet a dollar to a > dime that that 95% of all neighbors out there would give up > as soon as they saw WEP, and 99% (or more) of all neighbors > would give up if data was encrypted in ANY way at the next level). > > Seriously, _ANY_ real encryption (I'll admit that WEP isn't > real) is "good enough" against your neighbor, unless your > neighbor happens to be in the NSA. I'll even go so far as > saying that WEP (even though it IS broken) is useful against > most neighbors... > After seeing the figures above, I agree. I shall have to do some more serious RTFM on cryptography. As for WEP, the fact it IS broken is the reason i have been asking these questions. No need to be complacent when i can easily fix the problem using a working encryption scheme. > So, in my expert opinion: Kerberos and AFS is "good enough" > to protect you from your neighbors. > Thanks for putting my mind at ease... Tim. _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
