PerlMonks  

Re^2: Opening an Encrypted DB_File database

by crabbdean (Pilgrim)
on Jul 14, 2004 at 16:38 UTC (#374342)


in reply to Re: Opening an Encrypted DB_File database
in thread Opening an Encrypted DB_File database

Hi iburrell, I've already encrypted each key/value pair in the DB_File database using a 256-bit cipher. But I was discussing with my flatmate who works for the government doing cryptography and she said it would be wise to also encrypt the file. I'm trusting her judgement on that.

I attempted to unlink the file as suggested. Doesn't work as DB_File puts a lock on it. The temp file opens the vulnerability of leaving a decrypted version lying around which I would really like to avoid.

I'm unsure how to go about putting it onto a ramdisk. Can you suggest further on how to go about this?

Thanks for your help.


Dean
The Funkster of Mirth
Programming these days takes more than a lone avenger with a compiler. - sam
RFC1149: A Standard for the Transmission of IP Datagrams on Avian Carriers


Re^3: Opening an Encrypted DB_File database
by MidLifeXis (Prior) on Jul 14, 2004 at 16:59 UTC

    If you encrypt a file with a known format (like a DB file), wouldn't an attacker have information to assist in decrypting the entire file? I thought it was recommended not to encrypt data that was predictable or known, because it gave a target to shoot for.

    Just my $0.02 USD.

    --MidLifeXis

      Yeah, I thought about that ... but considered it's better than not encrypting it at all. If I left it unencrypted they definitely would know the format.

      In addition I've written it to use 2 ciphers both with different 256-bit keys, and both keys are based on two different passwords which are themselves encrypted by two different 256-bit ciphers. On top of that the contents of the file are encrypted in a different cipher than the file encryption. Additionally the contents remain in an encrypted state in memory. The GUI requires an 8-digit password plus an 8-digit PIN that can only be entered manually via a keypad on the GUI, and the program has a 30 second delay before it runs again. That should stop any brute force attempts. Any other ideas are welcome. :-)

      Dean
      The Funkster of Mirth
      Programming these days takes more than a lone avenger with a compiler. - sam
      RFC1149: A Standard for the Transmission of IP Datagrams on Avian Carriers

        Using two different ciphers and two 256-bit keys is overkill. One good symmetric cipher is the strongest part of any cryptosystem. The 256-bit key is well beyond being brute forced. The password, and system for making the key from the password, are the weak point. 2^256 is much larger than 10^16.
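
The last reply's point, that the password-to-key step decides the real strength, shown as an added example that is not code from the thread or from any poster. The choice of PBKDF2-HMAC-SHA256, the sample password, PIN and salt, and the iteration count are all assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example: derive a 256-bit key from an 8-digit password plus an
# 8-digit PIN, then compare the secret's search space with the key size.
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256);
use Time::HiRes qw(time);

# PBKDF2-HMAC-SHA256 (RFC 8018) built from core modules only.
sub pbkdf2_sha256 {
    my ($secret, $salt, $iterations, $dk_len) = @_;
    my $out = '';
    for (my $block = 1; length($out) < $dk_len; $block++) {
        # U1 = HMAC(secret, salt || 32-bit big-endian block index)
        my $u = hmac_sha256($salt . pack('N', $block), $secret);
        my $t = $u;
        for (2 .. $iterations) {
            $u = hmac_sha256($u, $secret);   # U_i = HMAC(secret, U_{i-1})
            $t ^= $u;                        # bytewise XOR of all U_i
        }
        $out .= $t;
    }
    return substr($out, 0, $dk_len);
}

# Constructed sample inputs. A real program reads the secrets from the user
# and stores a random per-file salt next to the encrypted database.
my $password   = '48151623';
my $pin        = '42108642';
my $salt       = pack('H*', '00112233445566778899aabbccddeeff');
my $iterations = 100_000;   # assumption: tune to the target hardware

my $start = time;
my $key   = pbkdf2_sha256($password . $pin, $salt, $iterations, 32);
my $cost  = time - $start;

# 16 decimal digits bound the search, whatever the key length is.
my $guesses = 10**16;
my $bits    = log($guesses) / log(2);
my $years   = ($guesses / 2) * $cost / (365.25 * 24 * 3600);

printf "derived key    : %s\n", unpack('H*', $key);
printf "secret entropy : %.1f bits (key length: 256 bits)\n", $bits;
printf "one derivation : %.3f s\n", $cost;
printf "average search : %.3g core-years at this cost\n", $years;
```

Raising the iteration count multiplies the cost of every guess made against a stolen copy of the file, which the 30 second delay in the GUI does not affect.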
