On 11/10/2018 06:44, Paul Chubb wrote:
Hi thanks for the responses. I try not to do crypto for the very
reasons you raise - i simply don't know enough and your (good) pointed
questions have demonstrated that.
Context:
We are trying for GDPR and other privacy law compliance. We probably
As with essentially all open source software, there is no warranty with OpenSSL.
Having said that, people use the OpenSSL applications for all sorts of things,
including what you are doing.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Matt Caswell
> Sent: Thursday, October 11, 2018 05:04
>
>
> On 11/10/18 09:47, Peter Magnusson wrote:
> > You would be better off with AES-CCM or such for your backup, that
> > gives you the integrity check.
> > i.e.
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Viktor Dukhovni
> Sent: Wednesday, October 10, 2018 23:12
>
> On Thu, Oct 11, 2018 at 01:23:41AM +, Michael Wojcik wrote:
>
> > - Data recovery from an encrypted backup is tough. With CBC, one bit goes
> > astray
On Oct 11, 2018, at 05:03, Matt Caswell wrote:
> On 11/10/18 09:47, Peter Magnusson wrote:
>> You would be better off with AES-CCM or such for your backup, that
>> gives you the integrity check.
>> i.e. you would be reasonably sure what you decrypt is encrypted with your
>> key.
>
> I'd just
On 11/10/18 09:47, Peter Magnusson wrote:
> You would be better off with AES-CCM or such for your backup, that
> gives you the integrity check.
> i.e. you would be reasonably sure what you decrypt is encrypted with your
> key.
I'd just point out that CCM and other AEAD modes are not
You would be better off with AES-CCM or such for your backup, that
gives you the integrity check.
i.e. you would be reasonably sure what you decrypt is encrypted with your key.
So the fist question would be why even consider AES-CBC? Somewhere in
the decision process you ought to go "Is the
Hi thanks for the responses. I try not to do crypto for the very reasons
you raise - i simply don't know enough and your (good) pointed questions
have demonstrated that.
Context:
We are trying for GDPR and other privacy law compliance. We probably need
to meet GDPR, US requirements, Australian
On Thu, Oct 11, 2018 at 01:23:41AM +, Michael Wojcik wrote:
> - Data recovery from an encrypted backup is tough. With CBC, one bit goes
> astray and you've lost everything after that.
No, a 1 bit error in CBC ciphertext breaks only the current block,
and introduces a 1 bit error into the
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Paul Chubb
> Sent: Wednesday, October 10, 2018 19:16
> I am in the process of using the openssl suite for many things including
> encrypting private information. There is a heap of information on the internet
>
Hi,
I am in the process of using the openssl suite for many things
including encrypting private information. There is a heap of information on
the internet suggesting using the openssl client for these sort of
purposes. However in a very few places there are also statements that the
client
11 matches
Mail list logo
