[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Key Revocation

To: Matthias-Christian Ott <ott@mirix.org>
Subject: Re: Key Revocation
From: Colin Percival <cperciva@tarsnap.com>
Date: Sat, 06 Feb 2010 11:44:00 -0800
Cc: tarsnap-users@tarsnap.com
In-reply-to: <20100206193224.GB21004@qp>
Mailing-list: contact tarsnap-users-help@tarsnap.com; run by ezmlm
References: <20100206193224.GB21004@qp>

Matthias-Christian Ott wrote:
> as far as I unsterstood it, tarsnap uses symmetric keys for signing and
> hashing data. You can submit the key to the server to authenticate
> to the server and ensure that the data is transfered correctly.
> This sounds very reasonable and secure to me.

You may be mixing up two different things here.  Tarsnap uses asymmetric
keys (to be specific, RSA) to sign and encrypt data; but uses symmetric
keys (to be specific, HMAC-SHA256) to authenticate requests it issues to
the Tarsnap server.  (This matters because it means that the keys which
the Tarsnap server holds aren't enough to allow it / me to read your data
or forge archives.)

> However, I couldn't find a way to revoke a key, in case it is
> compromised or lost. Is this a design descision, a drawback of
> symmetric cryptography or have I simply overlooked something?

I haven't put the necessary code in place yet to allow machines to be
disabled in Tarsnap except as part of killing an account (when people
run out of money or decide they don't want to use Tarsnap any more).  I
do plan on doing this soon; in the mean time, please contact me directly
if you think someone might be accessing Tarsnap using your keys. :-)

-- 
Colin Percival
Security Officer, FreeBSD | freebsd.org | The power to serve
Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid

References:
- Key Revocation
  - From: Matthias-Christian Ott <ott@mirix.org>

Prev by Date: Re: Key Revocation
Next by Date: Re: Key Revocation
Previous by thread: Re: Key Revocation
Next by thread: Key revocation
Index(es):
- Date
- Thread