[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Key file passphrase

To: Pham Bao Trung <pham.bao.trung@gmail.com>
Subject: Re: Key file passphrase
From: Colin Percival <cperciva@tarsnap.com>
Date: Wed, 12 Oct 2011 11:15:48 -0700
Cc: tarsnap-users@tarsnap.com
In-reply-to: <CAHnu6B-HR5MR2P7Zx29KoXmmy-G8M=ufec86tu2PWuszyEWTVw@mail.gmail.com>
References: <CAHnu6B_rfVvMCZTH5AOG7EbVPbaK8K9jyzqxHDjny7oz0dLmtw@mail.gmail.com> <4E95B7EE.3050104@tarsnap.com> <CAHnu6B-HR5MR2P7Zx29KoXmmy-G8M=ufec86tu2PWuszyEWTVw@mail.gmail.com>

On 10/12/11 09:11, Pham Bao Trung wrote:
> The documentation doesn't say anything about which cryptographic algorithm is
> used for keyfile encryption. What is it?

Tarsnap's keyfile encryption uses the scrypt KDF and AES256-CTR + HMAC_SHA256.

> It stresses to keep the keyfile safe but seem not encourage the usage of
> passphrase, doesn't it?

The most common use of Tarsnap is on servers via cron jobs, so it isn't always
possible to use passphrases.

-- 
Colin Percival
Security Officer, FreeBSD | freebsd.org | The power to serve
Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid

References:
- Key file passphrase
  - From: Pham Bao Trung <pham.bao.trung@gmail.com>
- Re: Key file passphrase
  - From: Colin Percival <cperciva@tarsnap.com>
- Re: Key file passphrase
  - From: Pham Bao Trung <pham.bao.trung@gmail.com>

Prev by Date: Re: Key file passphrase
Next by Date: Feature Request
Previous by thread: Re: Key file passphrase
Next by thread: Feature Request
Index(es):
- Date
- Thread