Google to encrypt cloud storage
rysiek
rysiek at hackerspace.pl
Mon Aug 19 04:35:10 PDT 2013
Dnia poniedziałek, 19 sierpnia 2013 13:12:35 Lodewijk andré de la porte pisze:
> AES-128 is obviously not secure enough against NSA-type attacks. It works
> against the random raid of the servers, the exploitative sysadmin and
> perhaps even the remote exploit in the software. It also allows Google to
> run storage nodes at a lower security level, which might help them smooth
> operations.
>
> Nothing there to help against the agencies.
But the algo is really completely irrelevant here. They could have used
OMGWTF-8096 and it would still be irrelevant. If the keys are being held by
Google -- and as far as I understand, they have to -- the whole encryption is
moot.
They don't have to give the government the keys. They can just hand over the
cleartext...
The point about running nodes at a lower security level is interesting,
though. Maybe that's the whole point:
- Hey Joe, if we encrypt user data (and hold the keys), we could care less
about these nodes' security.
- Hey, yeah, Jack, this seems to be a good idea; and we could sell it to
people as a "security enhancement", esp. after PRISM.
- Oooh, I like this. I'll be talking to PR dept right away!
--
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20130819/6be4b89d/attachment-0001.sig>
More information about the cypherpunks
mailing list