| Subject | Re: [IB-Architect] Fw: Mischievous SYSDBA |
|---|---|
| Author | Chris Jewell |
| Post date | 2000-05-25T18:11:52Z |
> From: Tim Uckun <tim@...>That's not really how public-key crypto works: instead of encrypting
> Date: Thu, 25 May 2000 10:15:05 -0600
>
> Is something like this possible.
>
> Take an example from public key. There are two keys one is public resides
> in interbase (or related file) and the other is private and resides in the
> application. In order to authentitcase users both the private and public
> keys are used to decrypt the user information and passwords (SYSDBA or
> not). This way if somebody replaces your file with theirs it does no good.
with both keys, you would encrypt with the public key (stored on the
database server), and decrypt with the private key, which would be
known to all of the users (well, stored on each client host, locally
encrytped with the respective user's passphrase). That's a detail,
and doesn't really invalidate the suggestion.
However, you should be aware than public-key crypto is very slow: in
practice it is generally used only long enough for the two ends of a
connection to mutually authenticate, and then to agree on a
symmetrical-crypto key to use for the rest of the operation. Even
with Blowfish, the most computationally efficient symmetrical
algorithm I know of with a long enough key to be considered secure, I
estimate that encrypting or decrypting at the 10 MByte/second rate of
a single SCSI disk would use the full power of a Pentium-III 733
(or custom crypto hardware). Public-key methods are much slower than
Blowfish (so is 3DES), and trying to keep up with a RAID setup even
using Blowfish would probably require something like an 8-way
P-III server (or a 16-way UltraSparc, or custom crypto hardware.
Assuming that a customer deploys enough CPU cycles to handle the
crypto at the server, he now has to make sure that none of his 100
remote users has his machine broken into after writing his passphrase
on a post-it note and sticking it on his monitor. The same private
key is stored on all of the client systems, and is a serious point of
weakness.
--
Chris Jewell developer/sysadmin voice: 831-431-6531
cjewell@... InterBase Software fax: 831-431-6510