Looking for simple wrapper for symmetric key file encryption
clif at eugeneweb.com
Sun Jan 19 17:56:03 CET 2014
On 01/19/2014 03:53 AM, Johan Wevers wrote:
> On 19-1-2014 7:50, Mr. Clif wrote:
>> Does anyone use symmetric file encryption?
> Yes, but only for encrypting files for personal use. Not in
> communication with others.
Same here. This is why I wrote that perl script, so I wouldn't have to
remember to delete the plaintext file after I encrypted it. Are there
other front ends or wrappers that help the work flow in this way?
>> What is the best practice here?
> As always, that depends on your use case and threat model.
>> I heard of another solution which was to mount an encrypted
>> directory with fuser to drop files into.
> Possible, I use TrueCryot containers for that but that's similar
> (although more portable and usable on "that other OS").
>> I think I would wounder how
>> safe the passphrase was for mounted filesystems,
> Are you asking how long it would take to brute-force the pasword, how
> difficult it is to snoop it or if there are known vulnarabilities in the
> symmetric encryption used by gnupg, fuser or others?
>> though I know of some techniques for protecting them.
> Remember the weakest link in all encryption: https://xkcd.com/538/
Yes I suppose that's true. Though I was just thinking about ways I heard
of to hide the key material in RAM. As I mentioned below, I'd rather not
have to resort to an encrypted filesystem just to handle the occasional
private file unless the conventional wisdom says that it's the only good
way to do it.
So I'm trying to get a sense from the users here if they feel that the
process of using gpg for symmetric encryption is safe enough, and they
are not worried about leaving clear text behind.
More information about the Gnupg-users