[GnuPG-users] identical files -> non-identical encrypted files
Robert J. Hansen
rjh at sixdemonbag.org
Mon Aug 4 10:49:46 CEST 2008
Kiss Gabor (Bitman) wrote:
> Eeerrr... sorry to say but I think you missed something.
So did you. This scheme is poorly specified, based on an incorrect
understanding of user needs, as a practical matter can be cracked, is
rife with implementation difficulties, and you seem to have no
understanding of the implicit tradeoffs and compromises which go into it.
It's just not going to work.
Please study the problem domain.
Additional remarks:
* Key management issues in this are largely handwaved.
* Rekeying of drive is problematic.
* BitLocker's architecture may be worth studying
* Disk keys _do_ change, they _need_ to be changeable, and
any protocol which does not support this is not suitable
for real world use.
More information about the Gnupg-users
mailing list