On Friday, February 19, 2016 at 10:56:04 AM UTC-6, Tony Arcieri wrote: > > Please describe one such attack, that applies to data at rest, where the > > attacker is not able to have the system to decrypt arbitrary data, as is > > the case here. > > > > As was demonstrated in the OP, unauthenticated cryptography is vulnerable to > bitflipping. The response seems to be "I don't care". But if we look at the > set of use cases @paragonie-scott described, there are several potential > scenarios where an attacker can manipulate the ciphertext at rest: > > > > Vim encrypted data could be stored in Dropbox, Google Drive, NFS or Samba > shares, emailed to a recipient, uploaded to Github, ... > >
Yes, the response is indeed "I don't care." So what if they do flip a bit on cloud storage? They've ruined the file regardless of whether it has a MAC or not. The user will detect it pretty quickly when their decrypted file is all gibberish even if the system doesn't say "E9876: your file was corrupted!" This isn't an attack or vulnerability; corrupting a file will cause the user to throw it away or find a backup, not decrypt thousands of variations in a way the attacker can observe to gain information about the plaintext. If the attacker is in a position to observe the decryption, they're in a position to do easier and more effective attacks, aren't they? I'm not debating that a ciphertext could be corrupted without Vim noticing. I and others have asked why that matters in Vim's case. If there is a way to *access the data* from the bit flipping, then yes it's broken and needs fixing. But I haven't seen a convincing argument that there is such a vulnerability. Or, is this just a "code smell" sort of issue? As in, it's not necessarily broken, it just doesn't bode well for the system as a whole that it was left out? -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
