I am happy to report that our vim encryption implementation is NOT affected by any of the weaknesses in the encryption algorithms and implementations in news recently, e.g. http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html
On Mon, Feb 18, 2013 at 10:05 PM, Ben Fritz <[email protected]> wrote: > On Saturday, February 16, 2013 7:25:54 PM UTC-6, Ulrik wrote: > > On 2013-02-16 18:16, Bram Moolenaar wrote: > > > > > The whole point of the encryption is to make the text unreadable. It > is > > > > > not a signature of any kind. Signing files, encrypted or not, is a > > > > > totally different thing and there are plenty of tools for that. > > > > > > > > > > > > > The type of the attack is that if you XOR a value with the ciphertext, > > > > the same XOR difference shows in the decrypted text. Knowing a small > > > > part of the plaintext is not a big requirement on an attack as simple as > > > > this one. > > > > > > I still don't think preventing this kind of attack is within the scope of > Vim's encryption. > > > > > I understand that Vim only wants to provide confidentiality, not > > > > integrity, but taken together with the usability issue of not giving > > > > notice of a wrong password, I don't understand the choice. I don't enjoy > > > > the possibility given that I might absent-mindedly type :w when getting > > > > the garbage output after a mistyped password, destroying my data. > > > > > > But I think THIS is an excellent argument for your proposed feature. If we > can easily protect the user from accidentally corrupting their important > file, then it is a very good idea. There is already checksum code within > Vim for the undo file...I think it uses some sort of SHA algorithm. I don't > think this should be too hard to implement. > > I think :w! should force a write even though the checksum is wrong just in > case somebody is doing something kooky intentionally, but :w with a > mismatched checksum should give an error. > > As somebody mentioned, the encryption already stores a version flag in the > file, so this should be a backwards compatible change. > > Should a file which was read without the checksum, also be written without > one? I normally wouldn't think so, but perhaps it would be best to prevent > that older Vims can't read the file after editing it in a newer Vim. > > A recent patch also added a vimscript function to get the checksum, I > wonder if that could be used to do this as a plugin. I think it would be > better built-in however. > > -- > -- > You received this message from the "vim_dev" maillist. > Do not top-post! Type your reply below the text you are replying to. > For more information, visit http://www.vim.org/maillist.php > > --- > You received this message because you are subscribed to the Google Groups > "vim_dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
