[tahoe-lafs-trac-stream] [Tahoe-LAFS] #2100: passphrase-encrypt the aliases file
Tahoe-LAFS
trac at tahoe-lafs.org
Mon Dec 14 22:14:47 UTC 2015
#2100: passphrase-encrypt the aliases file
--------------------------+------------------------------------------------
Reporter: daira | Owner: daira
Type: | Status: new
enhancement | Milestone: undecided
Priority: normal | Version: 1.10.0
Component: code- | Keywords: aliases security capleak usability
frontend-cli |
Resolution: |
Launchpad Bug: |
--------------------------+------------------------------------------------
Comment (by daira):
Replying to [comment:6 dawuud]:
>
> If we are going to encrypt the private aliases file shouldn't we also
use a message authenticating code, perhaps an HMAC?
Yes, we should use authenticated encryption. Encrypt-then-HMAC is fine for
that.
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2100#comment:9>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list