[tahoe-dev] usage of key file or smart card?

Stefan Xenon stefanxe at gmx.net
Sun Nov 22 09:20:07 PST 2009


Again, thank you very much for the explanation. Now that I understand
the system a little bit I would like to come back to my initial question:

I assume all encryption and decryption is processed either in the client
or in the gateway (beside of transport encryption, e.g. TLS). This is a
good choice and Tahoe's developers seem to be very sensible to make a
secure architecture. Still the solution may not be trustworthy enough
for very sensible information (depending on the user and her
requirements). I see two promising options to mitigate such doubts:
A) increase the key length (e.g. AES-265) or allow the choice between
more algorithms and key lengths in general (user configured).
B) use a kind of (hardware) token. For my understanding the latter one
would need to be installed at the gateway.

Are there any ideas or plans regarding increased key length, more
algorithms or the usage of smart cards?


Stefan


More information about the tahoe-dev mailing list