Looking for simple wrapper for symmetric key file encryption

Mr. Clif clif at eugeneweb.com
Sun Jan 19 17:56:03 CET 2014


On 01/19/2014 03:53 AM, Johan Wevers wrote:
> On 19-1-2014 7:50, Mr. Clif wrote:
>
>> Does anyone use symmetric file encryption?
> Yes, but only for encrypting files for personal use. Not in
> communication with others.


Same here. This is why I wrote that perl script, so I wouldn't have to 
remember to delete the plaintext file after I encrypted it. Are there 
other front ends or wrappers that help the work flow in this way?


>> What is the best practice here?
> As always, that depends on your use case and threat model.
>
>> I heard of another solution which was to mount an encrypted
>> directory with fuser to drop files into.
> Possible, I use TrueCryot containers for that but that's similar
> (although more portable and usable on "that other  OS").
>
>> I think I would wounder how
>> safe the passphrase was for mounted filesystems,
> Are you asking how long it would take to brute-force the pasword, how
> difficult it is to snoop it or if there are known vulnarabilities in the
> symmetric encryption used by gnupg, fuser or others?
>
>> though I know of some techniques for protecting them.
> Remember the weakest link in all encryption: https://xkcd.com/538/
Yes I suppose that's true. Though I was just thinking about ways I heard 
of to hide the key material in RAM. As I mentioned below, I'd rather not 
have to resort to an encrypted filesystem just to handle the occasional 
private file unless the conventional wisdom says that it's the only good 
way to do it.

So I'm trying to get a sense from the users here if they feel that the 
process of using gpg for symmetric encryption is safe enough, and they 
are not worried about leaving clear text behind.

     Thanks,
     Clif




More information about the Gnupg-users mailing list