Thanks Shachar.
2008/6/24 Shachar Shemesh <[EMAIL PROTECTED]>:
> Hi all,
>
> Version 1.11 of your favorite rsync friendly encryption program (it is,
> isn't it?) has just been released. Many many many new stuff, addressing
> almost all of the open issues recently raised.
>
> Compilation should now just work for cygwin, and as far as I can tell,
> for Mac OS X (not sure about that, though). I can't tell if the run time
> problem has been resolved or not, as it does not happen on my systems.
>
> Error messages have been greatly improved. If a file cannot be opened,
> rsyncrypto will report which file that was. Also, in case of an error,
> only the errored file will be aborted, and rsyncrypto will continue its
> operation. It will print an additional error report at the end of the
> entire encryption process.
>
> Also, I have finally fixed the oldest bug of them all. The one that
> tripped Frederico. If an attempt is made to decrypt a file with no valid
> symmetric key, it will be reported as an error and processing will
> continue, rather than issue a segmentation fault.
>
> Please bear in mind that I am not 100% sure that my code for detecting
> whether the private key is available is correct. Technical details
> further on, but for those not interested in the details, please check
> this with your system, and make sure cold decryption works for you.
>
> As usual, share and enjoy.
> Shachar
>
> Technical stuff:
> RSA works by taking a modulo based power. So if the message is "M", the
> encrypted message C will be M^e mod n. e is a fairly standard number
> (typically, either 3 or 2^16+1 = 65537). "n" is the "public key", and is
> devised by generating two prime numbers, called "p" and "q", where
> n=p*q. "p" and "q" are the private key.
>
> What some people do not know is that you don't actually need p and q in
> order to perform a decryption. p and q are not, theoretically, used
> directly. Instead, a number, d, is derived from p and q. The decryption
> process can be described as M = C^d mod n. This means you need d and n
> in order to decrypt, but you don't need p and q.
>
> Typically, p and q are being stored, for no other reason than to save on
> processing. In practice, openssl will typically calculate M1 = C^d mod p
> and M2 = C^d mod q, and then combine M1 and M2 into M using the Chinese
> remainder theorem. For that reason, an OpenSSL private key will,
> typically, have p and q, and these are the numbers that I check exist or
> not to find out whether I have the private key.
>
> Like I said before, the private key can be used even without p and q. If
> that is the case, rsyncrypto may incorrectly deduce that the private key
> is not present, and fail the decryption despite all data being
> available. This is what I want you all to test for me - that you can
> perform cold (i.e. - without the symmetric keys) decryption with your
> private key.
>
> Thanks
>
>
> -------------------------------------------------------------------------
> Check out the new SourceForge.net Marketplace.
> It's the best place to buy or sell services for
> just about anything Open Source.
> http://sourceforge.net/services/buy/index.php
> _______________________________________________
> Rsyncrypto-devel mailing list
> Rsyncrypto-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/rsyncrypto-devel
>
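The false negative described in the quoted announcement, as an added example that is not rsyncrypto or OpenSSL code: a toy RSA key whose p and q have been stripped still decrypts with d and n alone, so a presence check based on p and q rejects a usable private key. The RsaKey class, the function names and the small primes are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class RsaKey:                     # hypothetical container, not OpenSSL's RSA struct
    n: int
    e: int
    d: Optional[int] = None       # private exponent
    p: Optional[int] = None       # prime factors: only needed for the CRT speed-up
    q: Optional[int] = None

def make_key(p: int, q: int, e: int = 65537) -> RsaKey:
    phi = (p - 1) * (q - 1)
    return RsaKey(n=p * q, e=e, d=pow(e, -1, phi), p=p, q=q)

def has_private_by_factors(k: RsaKey) -> bool:
    # The kind of check the announcement describes: look for p and q.
    return k.p is not None and k.q is not None

def has_private_by_exponent(k: RsaKey) -> bool:
    # Alternative check: d (with n) is all that decryption needs.
    return k.d is not None

def decrypt(k: RsaKey, c: int) -> int:
    if k.d is None:
        raise ValueError("no private exponent: cannot decrypt")
    if k.p is not None and k.q is not None:
        # CRT path: two small exponentiations, recombined (Garner's formula).
        m1 = pow(c, k.d % (k.p - 1), k.p)
        m2 = pow(c, k.d % (k.q - 1), k.q)
        h = (pow(k.q, -1, k.p) * (m1 - m2)) % k.p
        return m2 + h * k.q
    return pow(c, k.d, k.n)       # plain path: M = C^d mod n

# Constructed sample values; primes this small are for demonstration only.
FULL = make_key(61, 53)
STRIPPED = RsaKey(n=FULL.n, e=FULL.e, d=FULL.d)   # same key without p and q
PUBLIC = RsaKey(n=FULL.n, e=FULL.e)               # public half only
M = 1234
C = pow(M, FULL.e, FULL.n)                        # C = M^e mod n

if __name__ == "__main__":
    for name, key in (("full", FULL), ("stripped", STRIPPED), ("public", PUBLIC)):
        print(name, has_private_by_factors(key), has_private_by_exponent(key))
    print(decrypt(FULL, C), decrypt(STRIPPED, C))
```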