Re: Encrypted configuration file?
- From: Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx>
- Date: Fri, 28 Apr 2006 07:47:22 +0000 (UTC)
mike3 <mike4ty4@xxxxxxxxx> wrote:
1. For authentication, upon saving out the config, we attach an MAC
generated with a user-supplied password, which also locks the
configuration program. [...]
2. For obscurity, we encrypt the config with a key stored in another
file somewhere else on the drive, [...]
How good is this system, given the purpose of it?
The obvious objection is that if someone can tamper with the configuration
file, why can't they tamper with the program? If they can tamper with
the program, then everything is trivially lost.
However, if you have an obscure sitation where the adversary cannot
tamper with the program, but can tamper with the configuration file,
the MAC trick will work. (Passwords are a problem, it would be better
to use something else, but it has to be stored securely. That may or
may not be difficult.)
The encryption trick is just obscurity, as you know. Make sure you encrypt
after you MAC, _not_ before, since if the adversary can tamper with the
key, he may be able to modify the decryption in a sensible way.
--
Kristian Gjøsteen
.
- Follow-Ups:
- Re: Encrypted configuration file?
- From: Mike Amling
- Re: Encrypted configuration file?
- References:
- Encrypted configuration file?
- From: mike3
- Encrypted configuration file?
- Prev by Date: Re: Implementing byte stream cipher
- Next by Date: Re: is it sufficient to solve factoring problem
- Previous by thread: Encrypted configuration file?
- Next by thread: Re: Encrypted configuration file?
- Index(es):
Relevant Pages
|
|
