Rockbox mail archiveSubject: Re: Strong Cryptography
Re: Strong Cryptography
From: Joshua Simmons <mud_at_majidejima.com>
Date: Wed, 21 Nov 2007 17:43:14 -0500
On 11/21/07, Paul Louden <paulthenerd_at_gmail.com> wrote:
> > That would sometimes work, yes, but I am unconvinced that it will be
> > real-world faster for small amounts of data (If it takes .5 seconds,
> > vs .01 seconds, who cares? Especially if I'd have to spend 5 minutes
> > downloading and installing software on the public machine). If we're
> > talking about gigabytes of data, then yes, you are certainly correct
> > (this is definitely not my target use case).
> What download and installation? You're talking about writing custom
> encryption software here. Why not write a custom standalone binary,
> compile it for Win32 and Linux and maybe OSX, and put those binaries on
> your player? Again, much faster encryption and no downloading. You're
> making an unfair comparison by saying that you'd have to download and
> install all this software, vs having custom software made, when it's
> really a comparison of having two different custom softwares made.
I suppose that part of my argument is a little specious, but that wasn't my
Yes, it does depend a lot on the size of the data you're encrypting, of
> course, but I still don't see a real benefit to having file encryption
> happen on the device side for the most part, unless you absolutely
> cannot run your own code on the computer you're accessing. All the rest
> of your arguments are negated once you accept that you're decrypting
> with your own program either way.
But if I decrypt on an untrusted machine, that means I'd have to have each
tiny minutia of data in a separate file basically, otherwise I'm trusting
the public computer to way too much data in my opinion (I'd be trusting the
public computer to all of my passwords, vs my slashdot password only).
I can see this as being useful for accessing small amounts of data that
> you don't need to access on a PC (or specifically need access to without
> a PC) yet don't want to risk someone else gaining control of if your DAP
> is stolen (PIN numbers, passwords, etc) though, but a plugin
> specifically designed for such a thing might even be better in that case.
Ah, I think we've had a miscommunication somewhere. The password handling
plugin is my actual goal, the file encryption is just an afterthought (it
will be trivial to do after I implement the crypto API, so why not?).
Received on 2007-11-21