On Mon 19 Aug 2013 07:35:10 AM EDT, rysiek wrote:
Dnia poniedziałek, 19 sierpnia 2013 13:12:35 Lodewijk andré de la porte pisze:
AES-128 is obviously not secure enough against NSA-type attacks. It works against the random raid of the servers, the exploitative sysadmin and perhaps even the remote exploit in the software. It also allows Google to run storage nodes at a lower security level, which might help them smooth operations.
Nothing there to help against the agencies.
But the algo is really completely irrelevant here. They could have used OMGWTF-8096 and it would still be irrelevant. If the keys are being held by Google -- and as far as I understand, they have to -- the whole encryption is moot.
They don't have to give the government the keys. They can just hand over the cleartext...
The point about running nodes at a lower security level is interesting, though. Maybe that's the whole point:
- Hey Joe, if we encrypt user data (and hold the keys), we could care less about these nodes' security. - Hey, yeah, Jack, this seems to be a good idea; and we could sell it to people as a "security enhancement", esp. after PRISM. - Oooh, I like this. I'll be talking to PR dept right away!
Not so sure we need to be quite so cynical. Obviously this encryption is useless against state-level agencies, since data is encrypted server-side and Google manages the keys ( although the fact that they think they won't be obligated to hand the keys over to the gov't is bullshit). However, what I think is important to see in this story, is that Google is responding to pressure from the public to take privacy and encryption more seriously. This is an opportunity for security and privacy activists to push for real security solutions for user data storage, that involve strong *client-side encryption* of data. -- http://disman.tl OpenPGP key: http://disman.tl/pgp.asc Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9