Filen.io 50GB Encrypted Cloud Storage Free

    noloader

    Jeff Not G
    MDS Supporter
    Apr 3, 2022
    101
    Pasadena, MD
    The government can compel an individual, via court order, to provide their own keys.
    There are splits at both the federal and state level. I don't know where Maryland stands.

    I know SCOTUS refused to hear a case recently, but I think they refused for administrative reasons. The case was not ripe yet. Also see U.S. Supreme Court nixes appeal over forced password disclosure.

    Also do you know any providers who do not actually have access to your private key? Like how Protonmail claims to operate. In this case the individual could be compelled to provide access to their stored information, but at least the government couldn’t access your private information without your knowledge or permission.
    Yeah, that's an interesting discussion. I don't have a good survey of email or cloud providers and how they handle keys.

    At least two cases come to mind, however... Hushmail and Lavabit. In those cases, the US government just intercepted the traffic on the way to the provider before it was encrypted under the end-user's public keys.

    Hushmail was based in Canada. Hushmail backdoor'd their product at the request of the US government - no order or warrant was required. Lavabit refused an order to hand over the webserver's keys. Instead Lavabit shut down the service and killed the canary.
     

    noloader

    Jeff Not G
    MDS Supporter
    Apr 3, 2022
    101
    Pasadena, MD
    This smells of Snake Oil. There is no such thing as "Zero-Knowledge Encryption." There is a Zero-Knowledge proof used in the Zcash cryptocurrency when using shielded addresses.

    PKCS #5 password derivation is old. Typically a memory-hard derivation is used nowadays, like Argon or Scrypt.

    But stepping back a bit, they are using a hybrid scheme where each file is encrypted under a random key (called a Data Encryption Key or DEK), and the DEK is encrypted under a top level key (called a Key Encryption Key or KEK). The encrypted DEK is then stored with the file as metadata. There is no MAC.

    Based on the company's description, it looks like a scheme created by a developer instead of a data security person or cryptographer. The scheme does not achieve Indistinguishability under Chosen Ciphertext Attacks. That is, it is not even IND-CCA2, which is a strong notion of security. Also see Amateurs Produce Amateur Cryptography.

    If you are going to use a product, look for something that uses a per-file data encryption key for confidentiality, a per-file MAC to detect tampering, which encrypts the seed used for the encryption and MAC derivation under a public key.

    Or better, use something off-the-shelf, well understood and well tested, like an Integrated Encryption Scheme (IES). Integrated Encryption Schemes are IND-CCA2. Two examples of IES are Abdalla, Bellare and Rogaway's Discrete Logarithm Integrated Encryption Scheme (DLIES) and Shoup's Elliptic Curve Integrated Encryption Scheme (ECIES).
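
The per-file seed, derived encryption key and per-file MAC described in the post above, as an added example that is not part of the original post or any vendor's code. All function names are hypothetical, the HMAC-SHA256 counter-mode keystream is a stdlib-only stand-in for a real cipher such as AES-CTR or ChaCha20, and wrapping the seed under a public key is assumed to happen elsewhere.

```python
import hashlib
import hmac
import secrets

def _subkey(seed: bytes, label: bytes) -> bytes:
    """Derive independent encryption and MAC keys from the per-file seed."""
    return hmac.new(seed, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (HMAC-SHA256 counter mode) so the example is stdlib-only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], pad))
    return bytes(out)

def _tag(seed: bytes, nonce: bytes, ct: bytes) -> bytes:
    return hmac.new(_subkey(seed, b"mac"), nonce + ct, hashlib.sha256).digest()

def seal(seed: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Output layout: nonce (16) || ciphertext || tag (32)."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_subkey(seed, b"enc"), nonce, plaintext)
    return nonce + ct + _tag(seed, nonce, ct)

def open_sealed(seed: bytes, blob: bytes) -> bytes:
    """Check the per-file MAC first; refuse to decrypt modified data."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(seed, nonce, ct)):
        raise ValueError("MAC check failed: file was modified")
    return _xor_stream(_subkey(seed, b"enc"), nonce, ct)

def open_unauthenticated(seed: bytes, blob: bytes) -> bytes:
    """A scheme with no MAC: decrypts whatever bytes storage returns."""
    return _xor_stream(_subkey(seed, b"enc"), blob[:16], blob[16:-32])

def flip_bit(blob: bytes, index: int) -> bytes:  # model one altered bit in storage
    return blob[:index] + bytes([blob[index] ^ 0x01]) + blob[index + 1:]

if __name__ == "__main__":
    seed = secrets.token_bytes(32)  # assumption: wrapped under the user's public key elsewhere
    blob = seal(seed, b"constructed sample file contents")
    bad = flip_bit(blob, 16 + 4)
    print(open_unauthenticated(seed, bad))  # altered plaintext, no error raised
    try:
        open_sealed(seed, bad)
    except ValueError as err:
        print(err)
```

Without the tag check, a single changed ciphertext bit produces a different plaintext of the same length and nothing signals the change; with it, the modified blob is rejected before any decryption happens.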
     