future proof file encryption
email at sven-radde.de
Fri Feb 27 14:55:39 CET 2009
Robert J. Hansen schrieb:
> GnuPG conforms to the OpenPGP standard for cryptography. That means
> there are ... what ... 14 or so compatible implementations. You don't
> have to rely on GnuPG; there are a lot of other options out there. This
> is very good for purposes of long-term storage.
It is probably one of the best choices for the purpose, however, in
general, long-term archival and encryption don't go together nicely.
Neither does compression or similar. Many algorithms or encryption modes
are rather 'sensitive' to single bit-errors, lost bits and the like.
Imagine the session-key part of an OpenPGP message be destroyed.
Commonly, this will be far less than 1% of the actual data, but even
with 99% intact, you won't have a chance of recovering *anything* from it.
When using encrypted backups, 100% data integrity plays a much greater
role than when just storing unencrypted data.
With a directory full of .bmp files, you have a fair chance not to
notice a bit flip at all or you might notice a single out-of-color pixel.
With a directory of .jpgs, you might notice a corrupted 8x8 pixels block
or, worst case, have one unusable image.
With a single images.zip.gpg file, a bit flip may mean that the whole
archive is unreadable (which is the worst case... no idea what an
average case might look like).
More information about the Gnupg-users