View previous topic :: View next topic |
Author |
Message |
curtis123 n00b
Joined: 09 May 2004 Posts: 53
|
Posted: Sat Jun 18, 2005 6:55 am Post subject: finding a encrypt software which can change password fastly |
|
|
I 'd like to change password of encryped files frequently.
there are about 500G encryped files ,they all have same password. but the password should be changed monthly.
so I want to find a software which can encrypt files and can change password fastly. |
|
Back to top |
|
|
ansient Guru
Joined: 22 Jan 2005 Posts: 445 Location: Argentina
|
Posted: Sat Jun 18, 2005 6:59 am Post subject: |
|
|
the adverb you are looking for is quickly, not fastly |
|
Back to top |
|
|
Archangel1 Veteran
Joined: 21 Apr 2004 Posts: 1212 Location: Work
|
Posted: Sat Jun 18, 2005 12:11 pm Post subject: |
|
|
You know, I don't think that's technically possible.
The password is part of the encryption, so it would require re-encrypting all the files. To put it another way, if you can change the password fast, someone else can probably crack it fast.
You could work around it by encrypting it all with a long random key, which is itself encrypted with your usable passphrase, then when you enter the passphrase it decrypts the big key and uses that to decrypt the files. Hence it wouldn't take long to re-encrypt the key with another passphrase.
The only problem with that approach is that it doesn't actually change the encryption on the files, so an attacker would have more than a month to try to break them.
Why do you want to change your password monthly? It's not generally required, or as far as I'm aware considered particularly helpful as far as security goes. You're better off choosing one good passphrase and sticking with it. _________________ What are you, stupid? |
|
Back to top |
|
|
mirko_3 l33t
Joined: 02 Nov 2003 Posts: 605 Location: Birreria
|
Posted: Sat Jun 18, 2005 3:05 pm Post subject: |
|
|
Archangel is right (though I looked more at the avatar than at the message itself), changing the encryption key means re-encrypting everything, so it's just not doable, at least not montly. But then, if you do as I do, and keep a 50MB key on a cd, that's as secure as it gets. What you then have to protect is the cd itself...
What you should change monthly if you want real security is root and user passwords, especially the ones that get exposed to the net (ssh, etc). _________________ Non fa male! Non fa male! |
|
Back to top |
|
|
ttuttle Tux's lil' helper
Joined: 03 Oct 2004 Posts: 131
|
Posted: Sat Jun 18, 2005 11:33 pm Post subject: |
|
|
Just make a PGP private key, use it to encrypt the files, and change the PGP key's passphrase every month. It would be absurd and wasteful to decrypt all the files each time. As long as the PGP key is secure in itself, you can change its passphrase and not need to reencrypt data. |
|
Back to top |
|
|
|