Rockbox.org home
release
dev builds
extras
themes manual
wiki
device status forums
mailing lists
IRC bugs
patches
dev guide



Rockbox mail archive

Subject: Re: Strong Cryptography

Re: Strong Cryptography

From: Joshua Simmons <mud_at_majidejima.com>
Date: Wed, 21 Nov 2007 17:04:35 -0500

On 11/21/07, Paul Louden <paulthenerd_at_gmail.com> wrote:
>
> Exactly what is your intent with such a plugin? Why is encrypting the
> information on the device considered better than encrypting them on the
> host, and decrypting them on the destination?

It is preferable to do the encryption/decryption on the device for a couple
of reasons off the top of my head. First, I may not even have permission to
install the decryption routines on the computer (most public computers, a
lot of "work" computers, etc.). Second, I may trust the "public" computer
with say my password to slashdot.org, but I certainly don't want them to
have access to all of my passwords and private data. Basically it's just a
way limiting the information given out to the bare minimum, and would be
much more convenient for me personally, and I assume for others. Also I
have private data that I never really need to enter into other machines, but
I like to be able to access (financial data).

Surely if both the host and destination are secure enough for making use
> of the unencrypted files, encrypting and decrypting them there are also
> valid? And much, much, faster?
>

That would sometimes work, yes, but I am unconvinced that it will be
real-world faster for small amounts of data (If it takes .5 seconds, vs .01
seconds, who cares? Especially if I'd have to spend 5 minutes downloading
and installing software on the public machine). If we're talking about
gigabytes of data, then yes, you are certainly correct (this is definitely
not my target use case).

-mud
Received on 2007-11-21


Page was last modified "Jan 10 2012" The Rockbox Crew
aaa