Re: Encrypted configuration file?
- From: "Ed Weir \(ComCast\)" <Anon@xxxxxxxx>
- Date: Fri, 28 Apr 2006 13:28:54 -0700
"Mike Amling" <nospam@xxxxxxxxxx> wrote in message
news:QUs4g.757$E84.394@xxxxxxxxxxxxxxxxxxxx
| Kristian Gjøsteen wrote:
| > mike3 <mike4ty4@xxxxxxxxx> wrote:
| >
| >>1. For authentication, upon saving out the config, we attach an MAC
| >>generated with a user-supplied password, which also locks the
| >>configuration program. [...]
| >>
| >>2. For obscurity, we encrypt the config with a key stored in another
| >>file somewhere else on the drive, [...]
| >>
| >>How good is this system, given the purpose of it?
| >
| >
| > The obvious objection is that if someone can tamper with the configuration
| > file, why can't they tamper with the program? If they can tamper with
| > the program, then everything is trivially lost.
| >
| > However, if you have an obscure situation where the adversary cannot
| > tamper with the program, but can tamper with the configuration file,
| > the MAC trick will work. (Passwords are a problem, it would be better
| > to use something else, but it has to be stored securely. That may or
| > may not be difficult.)
|
| When you say the MAC trick will work, I wonder how the attacker is
| detected if she surreptitiously installs a previously valid
| configuration file? Is the user-supplied password changed with each
| change to the file?
|
| --Mike Amling
If you couldn't install a previously valid file, then how could you manage
fault-tolerance? Here's an idea:
1.) Arrange the layout of the file to start with an IV (could be the CRC32
of the entire (compressed data section) package)
2.) Compress the data
3.) Add a MAC followed by the compressed data image (IV+MAC+CDATA)
4.) Encrypt the file with a key internally derived at runtime from the
machine, user, disk ID, etc. via one-way hash
5.) Store the file in more than one place
6.) Code sign the application
There's no such thing as a perfect security scheme, but this would increase
the difficulty a bit for an attacker.
- Ed.
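
The IV+MAC+CDATA layout from steps 1 to 4 above, together with the replay question Mike Amling raises, as an added example that is not part of the original thread: it shows that the MAC rejects an edited file and a file from another machine, but still accepts an older file saved under the same key. Assumptions: HMAC-SHA256 as the MAC (the post names none), the function names and the machine/user/disk identifiers are constructed, and the encryption step is left out because the Python standard library has no cipher.

```python
import hashlib
import hmac
import struct
import zlib

IV_LEN, MAC_LEN = 4, 32  # CRC32 "IV" field, HMAC-SHA256 tag


def derive_key(machine_id: str, user: str, disk_id: str) -> bytes:
    """Step 4's one-way hash over local identifiers (constructed sample inputs)."""
    material = "\x00".join((machine_id, user, disk_id)).encode()
    return hashlib.sha256(b"config-key\x00" + material).digest()


def pack(config: bytes, key: bytes) -> bytes:
    """Build IV + MAC + CDATA; the MAC covers the IV and the compressed data."""
    cdata = zlib.compress(config)
    iv = struct.pack(">I", zlib.crc32(cdata))
    tag = hmac.new(key, iv + cdata, hashlib.sha256).digest()
    return iv + tag + cdata


def unpack(blob: bytes, key: bytes) -> bytes:
    """Verify the MAC before touching the compressed data, then decompress."""
    if len(blob) < IV_LEN + MAC_LEN:
        raise ValueError("file too short")
    iv, tag = blob[:IV_LEN], blob[IV_LEN:IV_LEN + MAC_LEN]
    cdata = blob[IV_LEN + MAC_LEN:]
    expected = hmac.new(key, iv + cdata, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC mismatch")
    return zlib.decompress(cdata)


def accepted(blob: bytes, key: bytes) -> bool:
    """True when the file passes MAC verification under this key."""
    try:
        unpack(blob, key)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    key = derive_key("machine-1234", "alice", "disk-ABCD")  # constructed values
    old = pack(b"debug=on\n", key)    # an earlier, valid save
    new = pack(b"debug=off\n", key)   # the current save
    edited = new[:-1] + bytes([new[-1] ^ 1])
    print("current file accepted:", accepted(new, key))
    print("edited file accepted: ", accepted(edited, key))
    print("older file accepted:  ", accepted(old, key))
```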