On Sun, 17 Dec 1995, Jiri Baum wrote:
In this particular case what im concerned about is a temporary cleartext copy of a permanently encrypted document. The cleartext only exists for about 1-4 seconds, and then is deleted, so backups arent really a problem..
Is it then necessary to write it to disk?
Im pretty sure that its nessecary.. at least at this point. Basically what im working on is a bit of front end that trys to make keeping things encrypted a bit less of a hassle. It needs to be able to read multiple file types, and as such it does some odd things. It opens the file and figures out the magic for it, closes it, then jumps to the right routine for reading the particular thing.. the file is opened again, perhaps once, perhaps repeatedly, depnding on the nature of what is going on.. then when it finishes with the file the cleartext copy is removed.. the main idea pushing me here is that if you were to encrypt things on your harddrive for storage, you would most likely want access to them at some point, and if your like me, you'd want access to them on a regular basis. Prior to starting work on this project i would manually decode whichever file i needed, work with it, andd then delete it. This was a pain in the ass, and also somewhat less secure since im only human and could conceivabley forget to resecure the file after im done using it. So looking at it from a relaxed standpoint.. the code as it stands now is at least as good as the previou method i was using, and is alot simpler. :) To be a bit more critical, neither method seems to be the BEST method.. I hate saying this cause it feels like a cop out, but I keep coming back to the question of usability versus iron-clad security. At this point there is no noticible speed difference between using the program with encrypted versus decrypted files. Im pretty concerned about the overhead of getting too involved in a flawless implementation. I think at this point if i could produce a first release that would be "good enough" to pass (for example) a moderatly sophisticated once over by local law enforcement, i would be content. Once thats available I have alot of other things tthat I'd like to see done better.. Incidentally, i'm planning to post the full details including an FTP site sometime in january or febuary.. at that point i expect to be torn to shreds by the cryptographic comunity.. :)