On Fri, Jan 20, 2017 at 03:12:54AM -0500, Jean-Philippe Ouellet wrote:
> I would like to bring this list's attention to the availability of
> what I believe to be a good non-OpenPGP solution to the problem of
> cryptographically verifying code.
>
> The OpenBSD community has had very similar discussions internally
> several years ago, and they resulted in the implementation of a
> minimal non-OpenPGP signature creation & verification tool called
> signify, using the NaCl primitives [1]. It has been successfully used
> for package, release, and advisory signing for several years now, and
> has been audited both within and without the OpenBSD community.

While the tool looks interesting, it solves a somehow different problem
than we have. The tool is only about signing data, with asymmetric crypto
(so a key pair is needed). But in our case, we have a problem with both
integrity protection and encryption (in the old backup format, key
derivation is weak).

And also, IMO asymmetric is not the way to go here. It's about backup,
which, by definition, should contain data necessary to restore your
system, even in case of total system failure (or theft). If restoring the
data would need an additional key, you'll need to store this key
somewhere, securely - so probably encrypted somewhere. And here we're
back at the initial problem.

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
