LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-24-2011, 07:10 PM   #1
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Rep: Reputation: 57
Truecrypt volume on ftp server inferior to sftp?


If one uses a free ftp account to store private data such as bookmarks, they might prevent any eavesdropping by using ssh for the transfer (ftps), or alternatively sftp. However, they would still have to trust the ftp hosting provider, because the data is stored unencrypted in the server.

Someone suggested putting all bookmarks in a small truecrypt volume instead and synchronizing this with the ftp server.

Performance issues aside, given that the plaintext only changes a little in each resync (only a bookmark is added usually), is the use of the truecrypt volume introducing a means for an eavesdropper to break the code?

Last edited by Ulysses_; 02-24-2011 at 07:20 PM.
 
Old 02-24-2011, 09:13 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
The amount of changes made to the plaintext should be irrelevant to the resilience of the ciphertext. In other words, assuming everything is kosher (no weak/broken algorithms, bad guys don't have access to the key, etc.), the bad guys shouldn't be able to know how much has changed between each version of the file (or make any other determinations about the plaintext, for that matter).

EDIT: When I wrote this reply, I wasn't thinking about TrueCrypt. I was mainly thinking about an encrypted gzipped-tarball, which is what I use when I need to store sensitive data at remote locations. In my case, the bad guys wouldn't be able to tell whether I changed a few characters or megabytes of data (since I'm re-uploading the entire thing any time I change something). Obviously, the same doesn't apply to volumes, as certain observations can be made and conclusions reached by bad guys who are able to monitor the encrypted traffic to/from the data store (statistical analysis of encrypted traffic isn't anything new). But still, this should not in any way hinder the actual strength of the encryption, which I believe is your main concern. If it did, then that would mean something was terribly, terribly wrong.

Last edited by win32sux; 02-25-2011 at 06:03 AM.
 
Old 02-25-2011, 06:17 AM   #3
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
What if the bad guys have all the versions of the encrypted gzipped-tarball you have ever saved? Btw, do the versions differ in just as few bytes or are they entirely different? And what if the bad guys have all the versions of the truecrypt volume?

Edit: Let's say the bad guys guess you are saving bookmarks, therefore they know you only add a bookmark's worth of plaintext at the end of each version.

Last edited by Ulysses_; 02-25-2011 at 06:41 AM.
 
Old 02-25-2011, 06:40 AM   #4
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by Ulysses_ View Post
What if the bad guys have all the versions of the encrypted gzipped-tarball you have ever saved?
It wouldn't make any difference.

The assumption is, from the start, that the bad guys will have complete access to the ciphertext.

Quote:
Do the versions differ in just as few bytes or are they entirely different from beginning to end?
The difference between the plaintext in one version and the next could be a single character, and the bad guys wouldn't know it. In fact, they wouldn't even know if there weren't any changes at all made to the data. This is because a new key is used for every upload, making it extremely difficult (cryptographically speaking) for the bad guys to analyze the relationship between one version and the next (the ciphertext will be completely different).

I'm assuming that a remote TrueCrypt volume doesn't provide this kind of feature/benefit, but I may be mistaken. Honestly, I don't use TrueCrypt (and I'm not familiar with it) so it would be unfair for me to comment on its inner-workings. All I can say is that it would be really, really weird if the TrueCrypt developers haven't thought about the scenario you're presenting.

Hopefully, someone knowledgeable with TrueCrypt can shed light on the particulars involved.

Quote:
Likewise, what if the bad guys have all the versions of the truecrypt volume?
Again, any cryptographic solution will need to assume (from as early as the design phase) that the bad guys have access to all the ciphertext, so that doesn't change anything.

Quote:
Edit: Let's say the bad guys guess you are saving bookmarks, therefore they know you only add a bookmark's worth of plaintext at the end of each version.
In the gzipped-tarball scenario, this wouldn't be computationally feasible, so I'm gonna assume you're referring to TrueCrypt, in which case all I can really say is that there's nothing wrong with them making an educated guess (see my previous point about statistical analysis).

Last edited by win32sux; 02-25-2011 at 06:45 AM.
 
Old 02-25-2011, 08:08 AM   #5
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
Quote:
Originally Posted by win32sux View Post
a new key is used for every upload
Aha, you were thinking of changing the key every time, in which case it is obvious the extent of changes in the plaintext is irrelevant. But I was thinking of a constant key in all versions. This is what a truecrypt volume would do (unless you remember to change the key before every transfer to the ftp server).

Does the fixed key in all versions of this archive introduce the possibility for the eavesdropper to work out the key from the small differences between versions of the encrypted text? Especially given the knowledge of the changes (they contain http://, they might end in .com and a newline, they might be a link the eavesdropper suspects, etc).
 
Old 02-25-2011, 10:39 AM   #6
orgcandman
Member
 
Registered: May 2002
Location: new hampshire
Distribution: Fedora, RHEL
Posts: 600

Rep: Reputation: 110Reputation: 110
Quote:
Originally Posted by Ulysses_ View Post
Aha, you were thinking of changing the key every time, in which case it is obvious the extent of changes in the plaintext is irrelevant. But I was thinking of a constant key in all versions. This is what a truecrypt volume would do (unless you remember to change the key before every transfer to the ftp server).

Does the fixed key in all versions of this archive introduce the possibility for the eavesdropper to work out the key from the small differences between versions of the encrypted text? Especially given the knowledge of the changes (they contain http://, they might end in .com and a newline, they might be a link the eavesdropper suspects, etc).
There's a difference between the key you choose, and the key that is applied to the data (depending on the algorithm). Google for 'key schedule' and you'll get an overload of information on the subject. The basic idea is that every bit of data should modify the sub-keys enough to allow the data to continue to appear "random".
 
Old 02-25-2011, 02:48 PM   #7
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
So the entire 10 MB truecrypt volume would change when the last 20 bytes of the plaintext change while the key you choose stays constant?

Last edited by Ulysses_; 02-25-2011 at 02:49 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FTP/SFTP write access denied on Ubuntu Server prudens Linux - Newbie 1 07-18-2009 10:50 AM
Open truecrypt volume dellthinker Linux - Software 1 04-10-2009 02:55 PM
putting ext2 or ext3 on a truecrypt volume fakie_flip Linux - Software 2 03-21-2007 02:50 PM
chrooted SFTP + FTP server TotalDefiance Linux - Server 4 12-08-2006 08:37 AM
can't mount truecrypt volume on FC4 obmuc Linux - Software 0 11-25-2006 04:03 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:42 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration