Re: Non-expert's encryption question

From: Bill Unruh (unruh@physics.ubc.ca)
Date: 01/31/02 

From: unruh@physics.ubc.ca (Bill Unruh)
Date: 31 Jan 2002 01:19:20 GMT

In <3C586FE5.F650DCD9@triumf.ca> Joseph Mildenberger <Joe.Mildenberger@triumf.ca> writes:

]I ask this question as a largely ignorant user of scp/ssh, and of
]encryption in general. I understand, or at least think I so, the need
]for encrypting passwords and other private user-related info. But for
]most of the work I do, I don't really care whether the _content_ of
]stuff I ship across the internet is encrypted or not: there's no
]personal/private/proprietary information involved . For small amounts of
]data the encryption/decryption probably does not add significantly to
]the transfer time. However, there are occasions when I need to move
]around GB's of binary data from our particle physics experiments. In
]this case, I believe that the encryptions/decryption causes a big
]overhead in the transfer time; at least, this is what it seems to me
]when I recall the relatively fast transfers in the free and easy - and,
]alas, bygone - days of ftp. And, it is all entirely pointless, as far as
]I am concerned, as the unencrypted data would be just as meaningless in
]the hands of "bad guys" as the encrypted data.

] So my question, or actually, several questions, are:

]1. Am I just imagining it that transfering large amounts of data via scp
]is much slower it would be using ftp?

]2. If it _is_ really slower, is there some configuration of scp/ssh
]whereby the password and other sensitive "hand-saking" info. is
]encrypted, but the rest of the (non-sensitive).

]3. If it is not possible to entirely turn off encryption, can one do
]anything to speed things up?

Get and install srp. It is a secure password exchange and allows you to decide
if you want to encrypt as well. (Its password security is higher than ssh as it
idoes bilateral verification.)

Relevant Pages

  • Non-experts encryption question
    ... overhead in the transfer time; at least, this is what it seems to me ... If it _is_ really slower, is there some configuration of scp/ssh ... If it is not possible to entirely turn off encryption, ...
    (comp.security.ssh)
  • Re: Non-experts encryption question
    ... > overhead in the transfer time; at least, this is what it seems to me ... bygone - days of ftp. ... If it is not possible to entirely turn off encryption, ... to decrypt it after the transmission with an SSH session. ...
    (comp.security.ssh)
  • Re: firewalls that can ssl ftp?
    ... Secure Transfers ... Bruce Schneier's Blowfish encryption for data transfers. ... Secure SSL based Web Administration Portal ... Works with other FTP Clients/Servers ...
    (Security-Basics)
  • RE: Encryption for FTP/MAil/Web
    ... Subject: Encryption for FTP/MAil/Web ... Tunneling ftp through ssh ... ssl-ftp can encrypt the control & data channel; ... As for ssl-ftp servers, I only found one RFC compliant one for Windows; ...
    (Security-Basics)
  • Re: How to secure FTP?
    ... >> So I am also hearing in this thread that secure FTP isn't really ... It's meant more for encryption than anything else? ... > and password are required by the server in order to log on, ... > other mechanisms (such as SSL) that are supported by a number of third ...
    (microsoft.public.inetserver.iis.ftp)