On Mon, 8 May 2006, Michael Halcrow wrote:
Well, with eCryptfs, which, of course, is the crypto app I have in
mind in my examples, you don't really think in terms of an entire disk
being encrypted -- rather, you have individual files being encrypted
according to various policies. So yes, in this example, you have some
files in a USB pen drive that you would like to be accessible either
from your workstation in New York or your workstation in Texas, for
instance, and you are flying between New York and Texas.
What attacker am I worried about?
You're the wrong victim, since you probably pick decently secure
passphrases. It's the attacker against Grandma Alice or CEO Carol that
Actually, I'm just trying to get a simple example where I can say "so *that's*
why I should want TPM."
So let's say there's a ciphertext on a removable disk. The key is a function
of both a passphrase and... what? This is where it gets fuzzy for me.
You're talking about multiple machines being able to decrypt, so is it a
shared secret across the machines? Any of a set of public keys? A shared
private key?
(You mentioned that it might be encrypted against just a passphrase, but
that doesn't require TPM).
-J
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
