On Mon, Jun 20, 2016 at 10:32 PM, Andrew David Wong <a...@qubes-os.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 2016-06-20 18:05, Franz wrote: > > On Mon, Jun 20, 2016 at 1:51 PM, Andrew David Wong > > <a...@qubes-os.org> wrote: > > > > On 2016-06-19 08:40, Franz wrote: > >>>> On Sun, Jun 19, 2016 at 11:40 AM, Andrew David Wong > >>>> <a...@qubes-os.org> wrote: > >>>> > >>>> On 2016-06-19 04:38, Alistair Hutten wrote: > >>>>>>> Good evening, Alistair here from Australia, > >>>>>>> > >>>>>>> I'm after some help / recommendation to follow best > >>>>>>> practices (isolation between my different domains) > >>>>>>> > >>>>>>> My Current practice; > >>>>>>> > >>>>>>> - have encrypted vaults (cryptomator > >>>>>>> <https://cryptomator.org/>) one for personal, and one > >>>>>>> for work/business, - underlying encrypted files stored > >>>>>>> within Dropbox > >>>>>>> > >>>>>>> I do it this was because data is encrypted at rest, and > >>>>>>> more importantly before dropbox sees them, > >>>> > >>>> Careful: > >>>> > >>>> * Certain kinds of encryption are easier to break if the > >>>> attacker has repeated access to a changing ciphertext. > >>>> > >>>> > >>>>> Also, who knows what the future bring and when. Quantic > >>>>> computing promises to be able to crack current encryption > >>>>> systems. When this happens and if you are aware of it, you > >>>>> would need to change all your passwords. > >>>> > > > > That mainly applies to asymmetric, not symmetric, encryption: > > > > http://pqcrypto.org/ > > > > > >> Thanks Andrew, I had a look only at the first paper of you link > >> and it tells that the quantum computer problem is limited to > >> public key encryption. While there is no problem for secret key > >> encryption which would be the case for vault encryption. > > > > Well, it's not that quantum computing presents no problem *at all* for > secret key/symmetric encryption. Symmetric ciphers are still thought > to be vulnerable to Grover's algorithm, which basically means that key > length would effectively be halved (e.g., the strength of AES-256 > would be effectively halved to that of AES-128), but this is obviously > much less of a problem than the crypto being completely broken (as > would be the case for RSA, for example). > > > > >>>>> I would not send my encrypted vault over the internet and > >>>>> would not open it with anything different from my vaultVM. > >>>> > > > > Data confidentiality is encryption's raison d'ĂȘtre. If you can't > > send the ciphertext over the internet, then what's the point of > > encrypting it? > > > > > >> Well my idea was that there is no 100% security guarantee and it > >> is only a matter of relative security. So I considered that > >> keeping my backups in a NAS over a personal LAN was safer that > >> sending them over the internet. > > > > That's fair. I think that might qualify as security through obscurity > (or maybe "security through non-availibility"), but that's not to say > it doesn't still provide some real degree of security. > > >> But you link explains that I am wrong and that for any reasonable > >> future secret key encryption is 100% safe. So thanks Andrew. > >> This confidence certainly gives more peace of mind. > > Well... I didn't mean to give that impression. IANAC (I am not a > cryptographer), but when it comes to encryption, I don't think we > should say that anything is "100% safe." It's not that the algorithms > are apodictically unbreakable. Rather, we derive our confidence in > them from the fact that lots of smart people have spent lots of time > trying to break them, and no one has been successful yet (that we know > of!). That's why there are competitions to select algorithms. > > Also, even if the algorithm is secure, any given implementation you > use might not be. So, even though it's true (as people often say) that > the crypto itself is usually not the weak point in a digital system, I > also don't think (and didn't mean to give you the impression) that > it's "100% safe." > > You are right of course, but I was referring to sending encrypted vault over internet. It is not compulsory to do that. You can certainly live comfortably without doing that. So why should one do that? Only because there is expectation of a reasonable total safety, so that the difference to 100% may be negligible. But returning to Alistar post, describing the plan to "more importantly before dropbox sees them, can sync between different devices," Here, IMHO the difference to 100% in not at all negligible, because if you sync your encrypted vault among different device, it is probably because you want to open it in different devices and this is dangerous. Which is the point of maintaining Qubes if you expose your vault to the much lower security of other systems connected to internet? Best Fran - -- > Andrew David Wong (Axon) > Community Manager, Qubes OS > https://www.qubes-os.org > -----BEGIN PGP SIGNATURE----- > > iQIcBAEBCgAGBQJXaJkvAAoJENtN07w5UDAwODsP/i6pR+e8I/tVaPoQYRonG9X/ > KTxVWzbUcpooIjNYacmc8tDmVTEB3wm/RlZYiFUqKWlLgs4uXvt/5G0rgVtu/ErY > gMud0OPZwg8wtR4ow7nMBy19oW2U8IsFIyWoidw/Z8UzLJ0NuwpHHy5d8hMf1QbV > CNJ2ZDQLCidiKMnNWjB3ujWEHEcvNUhALBvCC71UU3CZ5L82SSuSSnE6H3nj4qCF > X8RyKOAbz8EPAs0RlrrkNigQ4Nw57NYl3GOyk1uzZChlbpPXFsCo7lJGkP44s6nN > CImgvKpVDj6UKk4u1TZFHR8BjVQ3TOiDfgmCC5WYckzZvFbbfbFv1sQoT5RbYyG4 > t3T1wz1wjvJ/4BhS9NeBKcToQTFT4Jk8jyZffqWhV9KNz0nZMUnehM0n+c8vRS4h > i1Vs2jmPAJgJBhySu4TxL52Vy6XfBTScw43yS+sxG41I+KpA+wpD/Ci8X1tJ+zys > uWr2o8TsmaUIx8EMP45CnqDYo0iCni1/LnrOHUb0WZ135vz4ZhNlsgi6w5Ybvgpv > w/GO1q0MmHAvJ82v1Y3PkQvKFFLKqZbfy7xvWP6xFM8DFS1D1T1hKTubNwVYFzku > cwxESsFm4Cql49pRHCTkEP4qJX2aoThK+SRPRzel6xGhJ9Ds5bycxQpty59SemEA > fe1tcSKdOyRi74eRUA7K > =ifcM > -----END PGP SIGNATURE----- > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qCymDzyE0%3DeZxA3W1sa%3Dhv21Upee8kmsF2ojMnp%3DwOprw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
