[OpenAFS] Encryption in OpenAFS
KELEMEN Peter
fuji@elte.hu
Tue, 26 Feb 2002 09:18:49 +0100
* Nathan Neulinger (nneul@umr.edu) [20020225 11:07]:
> Right, but what good does encrypting the cache do if the windows
> user could just copy in a "turn off cache encryption" config. Or
> replace afsd to copy all data elsewhere, or install a sniffer,
> or whatever.
I get your point, and we are aware of all these. But you have
to admit that it is relatively easy for maintenance to ensure
AFS config and daemon and whatever OS part integrity, and for
the attacker it is an order of magnitude harder to modify Linux
partitions (or install a sniffer, or whatever) than just looking
over cache contents. In other words, probably not worth.
I am not trying to push "cache encryption for president!" ideas,
just presented a situation where cache content encryption would be
considered as a goodie.
> My point is that worrying about the cache being encrypted in
> your environment is like worrying about your car doors being
> locked when you don't have any window glass.
I would use another analogy. Worrying about the cache being
encrypted is like worrying about having shaded window glass not
to be able to see the color of the seats; to do that, you have to
attempt to open the (not locked) doors (and risking triggering the
alarm).
Peter
--
.+'''+. .+'''+. .+'''+. .+'''+. .+''
Kelemen Péter / \ / \ / fuji@elte.hu
.+' `+...+' `+...+' `+...+' `+...+'