You are viewing a single comment's thread from:

RE: Securely Storing Data Backups on the STEEM Blockchain

in #encryption6 years ago

I do not know about using a generated password for this.
As, many of the cases where you would need this file, that password manager would probably be destroyed.

Also, if you wanted to be really secure, right your own compression algorithm. If they know you used PGP, then all they have to do is find the password. If you role your own, they have to find the password and how you encrypted it.

The using a book encoding technique, a word in your file becomes the page, line & word numbers in your encryption is very very strong. It is only broken by repeated usage and more than one person knowing which book.

6 years ago in #encryption by
$0.00
    Reply 4
    Sort:  
  • Trending
    • [-]
     6 years ago 

    Rolling your own encryption is most likely going to be less secure than using established crypto. The chances of a security expert getting crypto right when designing a new algorithm are pretty slim. Yes, the key to decrypt the data might get found, but the likelihood of that, compared to a developer not being as smart as they think they are is not a tradeoff anyone should take.

    $0.71
    • Past Payouts $0.71, 0.00 TRX
    • - Author $0.59, 0.00 TRX
    • - Curators $0.12, 0.00 TRX
    1 vote
    Reply
    [-]
     6 years ago 

    Well said, sir. :)

    $0.00
      Reply
      [-]
       6 years ago (edited)

      "roll your own" is universally one of the worst pieces of advice in the encryption space. If you don't believe me, ask anyone familiar with that space or just look at history.

      I'm all for one-time pads, but you're still having to secure the "password" or the key you used. If my password manager was every compromised, then I'd be screwed anyway. Files that don't need to be stored in a password manager because they aren't super important secrets can be encrypted and stored just fine on a blockchain. Again, in this case, there was nothing super secret about the data, other than putting it out there in plaintext would be kind of silly (and meaningless to others).

      [-]
       6 years ago 

      I can see your point, as I have seen people "encrypt" credit card data by adding an extra number to the end of them. (In a large charity)

      However, from my brain type, encryption algorithms are pretty straight forward to me. And how computers implement them is very straight forward to me.

      So, maybe my statement is not for anyone other than me, and people I like to talk to.

      $0.00
        Reply

        Coin Marketplace

        STEEM 0.19
        TRX 0.12
        JST 0.028
        BTC 65021.86
        ETH 3571.18
        USDT 1.00
        SBD 2.33