[OpenAFS] Analysis of AFS encryption protocol?
Sergio Gelato
Sergio.Gelato@astro.su.se
Wed, 4 Aug 2004 23:42:21 +0200
* Jimmy Engelbrecht [2004-07-30 19:27:37 +0200]:
> Jim Rees <rees@umich.edu> writes:
>
> > The protocol is a bit like k4. Privacy is not enabled by default, but I
> > think it should be
>
> i agree, but its to slow, at least in the versions of OpenAFS i tested.
Forgive me for not doing my homework before asking, but... isn't
single-DES (or equivalent) too weak for long-term privacy
these days? For communication channel integrity it should be enough
to limit the lifetime of the session key to less than it takes to
brute-force it, but for privacy wouldn't one be much better served
by either (a) storing the data in AFS in encrypted form, decrypting
only client-side, or (b) accessing AFS over a VPN tunnel? (In both
cases using stronger encryption than currently provided by AFS itself?)
Method (a) would probably provide best performance in cases when
only a small fraction of the AFS traffic really needs the privacy.