[aklug] Re: Rsyncrypto?

From: Royce Williams <royce@alaska.net>
Date: Sat Feb 06 2010 - 17:40:33 AKST

Christopher Howard said, on 02/06/2010 05:19 PM:
> Hey, any of you guys worked with rsyncrypto? Looks convenient, but I'm a
> little suspicious because I don't see it in my software tree.

If I understand correctly, this is the salient idea:

http://rsyncrypto.lingnu.com/index.php/Home_Page#What_is_Rsyncrypto

"This modification ensures that two almost identical files, such as the
same file before an after a change, when encrypted using rsyncrypto and
the same key, will produce almost identical encrypted files."

Check my math here, but isn't that part of the point of good encryption
schemes -- to make small changes look totally different? If two
almost-the-same files produce two almost-the-same encrypted files, that
smells like a significant attack vector to me. (Just my first knee-jerk
reaction).

Royce
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Sat Feb 6 17:40:41 2010

This archive was generated by hypermail 2.1.8 : Sat Feb 06 2010 - 17:40:41 AKST