[boulder.pm] forwarding a "nonmember" bounce from Joel

Walter Pienciak walter at frii.com
Tue Jan 16 17:44:40 CST 2001


From: Joel Maslak <jmaslak at antelope.net>
To: boulder-pm-list at happyfunball.pm.org
Subject: Re: [boulder.pm] RFC on encryption approachwq
In-Reply-To: <Pine.BSF.4.30.0101161316250.97578-100000 at io.frii.com>
Message-ID: <Pine.LNX.4.21.0101161402210.12316-100000 at bigsky.antelope.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Tue, 16 Jan 2001, Walter Pienciak wrote:

> Obviously, this means encryption.

Only if you use public/private key encryption.  If the encryption key can
decrypt the data, then it is NOT secure - period.  The reason is that if
the encryption key can decrypt the data, an attacker can grab BOTH the key
and the data.

Here's what I'd do:

On the public system:
PUBLIC Key
Encrypted Data File   (watch out for swap space and temporary files!)

It sends the file through some trusted means to the private system.  On
the private system:
PRIVATE Key
Decrypted data

I hope this helps.  As for which encryption routine, any asymmetrical
algorithm should work.  PGP would certainly work.  I would also sign the
data with a private key stored on the public system (different from the
internal system's private key) so that the internal system can verify that
the right machine sent the data.

-- 
Joel Maslak
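
The layout described in the message above, as an added example that is not part of the original post. It assumes Node.js and its built-in crypto module; the function names and key variables are hypothetical, and the hybrid scheme (a one-time AES-256-GCM key wrapped with RSA-OAEP, plus an Ed25519 signature) is one choice of asymmetric routine, similar in shape to what PGP does.

```javascript
const crypto = require('node:crypto');

// Constructed demo keys. The public system stores only internal.publicKey and
// sender.privateKey; the internal system stores internal.privateKey and sender.publicKey.
const internal = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const sender = crypto.generateKeyPairSync('ed25519');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Bytes covered by the signature. Every field except body has a fixed length,
// so plain concatenation is unambiguous.
const signedBytes = (m) => Buffer.concat([m.wrappedKey, m.iv, m.tag, m.body]);

// Runs on the public system: needs no key that can decrypt the result.
function sealOnPublicSystem(plaintext, internalPublicKey, senderPrivateKey) {
  const dataKey = crypto.randomBytes(32); // one-time AES-256 key, kept in memory only
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', dataKey, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const msg = {
    wrappedKey: crypto.publicEncrypt({ key: internalPublicKey, ...OAEP }, dataKey),
    iv, tag: cipher.getAuthTag(), body,
  };
  msg.signature = crypto.sign(null, signedBytes(msg), senderPrivateKey); // Ed25519
  return msg;
}

// Runs on the internal system: check who sent it before touching the private key.
function openOnInternalSystem(msg, internalPrivateKey, senderPublicKey) {
  if (!crypto.verify(null, signedBytes(msg), senderPublicKey, msg.signature)) {
    throw new Error('signature check failed: not sealed by the expected machine');
  }
  const dataKey = crypto.privateDecrypt({ key: internalPrivateKey, ...OAEP }, msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', dataKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.body), decipher.final()]);
}

// Constructed sample record, sealed on one side and opened on the other.
function demo() {
  const sealed = sealOnPublicSystem(Buffer.from('order 1001: sample data'),
    internal.publicKey, sender.privateKey);
  return openOnInternalSystem(sealed, internal.privateKey, sender.publicKey).toString();
}
console.log(demo());
```

Someone who takes over the public system gets the signing key and can seal new records, but nothing stored there can decrypt records that were already sealed.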



