future proof file encryption

Christopher J. Walters cwal989 at comcast.net
Sat Feb 28 01:03:18 CET 2009

Robert J. Hansen wrote:
> Christopher J. Walters wrote:
>> That's why it would be a good idea, in my opinion, to use a public
>> key pair, and a weaker cipher than AES to encrypt data like family
>> photos.
> I cannot for the life of me see what's leading you to give this counsel.
> Would you care to share your reasoning?

I did, later in my message.

>> I would also hash every file using a good hash algorithm, like SHA2,
>> RIPEMD160, etc.
> Why?  A good archiver will keep a running CRC, allowing you to identify
> which files are good and/or bad.  Fuzzy hashing will potentially narrow
> it down to a few bytes within the file, making it possible for a good
> archivist to recover/restore most of the damaged area.

I come from the early days of Fidonet and BBSs.  It is possible for a CRC32c
checksum to show "OK" when there have been changes.  It has always been this way.
If you use an archiver to "archive" 200 files around 2 MB in length, then
encrypt the archive, you could easily lose all 200 files if the session key is
lost.  Keeping the files separate and hashing them would be a way to tell if
there are any problems.

>> Additionally, I would keep at least 3 copies on HDD media, and
>> replace your HDD every 2 years or so, and copy everything to the new
>> one (after testing it for bad blocks, etc.), as well as storing it on
>> optical media.
> Needless overkill for most purposes.  The lifespan of HD media is
> surprisingly long: you can fairly easily recover data off a 30-year-old
> hard drive.  You might have trouble finding an MFM or RLL bus, but once
> you find it you're in pretty good shape -- especially if basic archival
> protections were taken.

The F.B.I. could recover data from your hard drive, as well - even if it
crashes.  Hard drives can crash within 1 or 2 years, especially if they get too
hot.  And just why is it overkill?  With the costs of hard drives coming down,
as they are, you can call it an upgrade.

>> One last thing, I would recommend against compressing the image files
>> into .ZIP, or other archives - for JPG and PNG files, they are
>> already compressed and compression will likely only make them larger.
> Yes, no -- it certainly can't hurt them.  Also, image formats are
> usually about ten years in the past -- it's the nature of the beast, the
> image industry wants very stable formats -- which means they're also
> generally behind the curve on compression.  Compare this to compression
> software, which is getting better by the day.

Actually, JPEG is older than 10 years, IIRC, but it is still lossy compression
followed by lossless compression.  ZIP is much older than 10 years, and
offers far from the best compression.  JPEG-2000 is newer and can have better
compression than the original...  So far, even using experimental archivers, I
have not been able to reduce the size of a raw image file or raw music file to
the size of a JPEG (even set to almost no compression at all), or MP3 (set to
the highest bit rate).

So tell me, what compression software are *you* talking about?
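
Added example, not part of the original post: a per-file manifest that records both a 32-bit CRC and SHA-512, checked against a file whose content changed without changing its CRC. It uses zlib's CRC-32 (not CRC-32C; the 32-bit width is what matters here), and the file names and byte strings are constructed sample data.

```python
import hashlib
import itertools
import zlib


def find_crc32_collision():
    """Birthday-search two different 8-byte strings with the same CRC-32."""
    seen = {}
    for i in itertools.count():
        # Constructed sample data: pseudo-random bytes derived from a counter.
        msg = hashlib.sha256(str(i).encode()).digest()[:8]
        other = seen.setdefault(zlib.crc32(msg), msg)
        if other != msg:
            return other, msg


def make_manifest(files):
    """Record CRC-32 and SHA-512 for every file separately."""
    return {name: (zlib.crc32(data), hashlib.sha512(data).hexdigest())
            for name, data in files.items()}


def verify(files, manifest):
    """Return (names failing the CRC-32 check, names failing SHA-512)."""
    bad_crc, bad_sha = [], []
    for name, (crc, sha) in manifest.items():
        data = files.get(name, b"")
        if zlib.crc32(data) != crc:
            bad_crc.append(name)
        if hashlib.sha512(data).hexdigest() != sha:
            bad_sha.append(name)
    return bad_crc, bad_sha


def demo():
    original, altered = find_crc32_collision()
    files = {"photo1.jpg": original, "photo2.jpg": b"constructed photo bytes"}
    manifest = make_manifest(files)
    files["photo1.jpg"] = altered  # content changed, CRC-32 unchanged
    return verify(files, manifest)


if __name__ == "__main__":
    print(demo())
```

With only 2^32 possible CRC values, the search finds a colliding pair after roughly 2^16 candidates; the CRC column reports every file as intact while the SHA-512 column names the changed one.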


