Datenterrorist
DSA VS RSA
Ich hab grad mal zum Thema etwas im Usenet gesucht und folgendes gefunden:
"DSA is the Digital Signature Algorithm, and only does signatures not
encryption. RSA can do both signatures and encryption. It is however
true that DSA keys can be used with some elyptic curve encryption
algorithms to encrypt. Using different keys for encryption and signing
(for certificates and the like) has considerable cryptographic merit,
and while you can use separate keys with RSA, the temptation to use the
same one is frequently overwelming expecially to those who do not
unstand why they should not.
According to Bruce Schneier both DSA and RSA with the same length keys
are just about identical in difficulty to crack. Use the key for
encryption as well as signing and breaking the key gets much easier
simply because there is more data to work with.
SSH uses either DSA or RSA for signing, not encryption, so actually
it makes little difference which you use. As mentioned elsewhere in
this thread US encryption export laws used to mean that DSA was
preferable as it was only for signing and could not be used for
encryption and therefore was allowed to be exported. Following
on from Sept 11 this kind of regulation could come back although
enforcing it would be even harder that it was when implementations
were produced outside the US before the regulations were relaxed.
RSA used to be covered by patent, but that has now lapsed, which
also was a US only problem."
Msg-ID: <afklal$2vo$1@knossos.btinternet.com>
"DSA is the Digital Signature Algorithm, and only does signatures not
encryption. RSA can do both signatures and encryption. It is however
true that DSA keys can be used with some elyptic curve encryption
algorithms to encrypt. Using different keys for encryption and signing
(for certificates and the like) has considerable cryptographic merit,
and while you can use separate keys with RSA, the temptation to use the
same one is frequently overwelming expecially to those who do not
unstand why they should not.
According to Bruce Schneier both DSA and RSA with the same length keys
are just about identical in difficulty to crack. Use the key for
encryption as well as signing and breaking the key gets much easier
simply because there is more data to work with.
SSH uses either DSA or RSA for signing, not encryption, so actually
it makes little difference which you use. As mentioned elsewhere in
this thread US encryption export laws used to mean that DSA was
preferable as it was only for signing and could not be used for
encryption and therefore was allowed to be exported. Following
on from Sept 11 this kind of regulation could come back although
enforcing it would be even harder that it was when implementations
were produced outside the US before the regulations were relaxed.
RSA used to be covered by patent, but that has now lapsed, which
also was a US only problem."
Msg-ID: <afklal$2vo$1@knossos.btinternet.com>
Root Dateisystem verschlüsseln
Da mich jetzt erneut einige Leute gefragt haben wie ich auf meinem Laptop die Root Partition verschlüsselt habe, hier der Link zu dem Howto:
Encrypted Root Filesystem
Swap und /tmp hab ich mit Hilfe der README von Loop AES verschlüsselt.
Encrypted Root Filesystem
Swap und /tmp hab ich mit Hilfe der README von Loop AES verschlüsselt.
Verschlüsselung für die Mailingliste
Exim: http://www.raphinou.com/smailman/smailman.html
Qmail: http://freshmeat.net/projects/gpg-ezmlm/
Sendmail: http://www.rediris.es/app/pgplist/index.en.html
Qmail: http://freshmeat.net/projects/gpg-ezmlm/
Sendmail: http://www.rediris.es/app/pgplist/index.en.html
OpenSSL Zertifikate
How you handle certificates depend a great deal on what your role is.
Your role can be one or several of:
- User of some client software
- User of some server software
- Certificate authority
This file is for users who wish to get a certificate of their own.
click
Your role can be one or several of:
- User of some client software
- User of some server software
- Certificate authority
This file is for users who wish to get a certificate of their own.
click
Dateien verschlüsseln mit OpenSSL
Verschlüsseln (mit AES 256):
openssl enc -e aes256 -in <file_to_encrypt> -out <encrypted_file>
Entschlüsseln
openssl enc -d aes256 -in <ecrypted_file> -out <plain_file>
openssl enc -e aes256 -in <file_to_encrypt> -out <encrypted_file>
Entschlüsseln
openssl enc -d aes256 -in <ecrypted_file> -out <plain_file>
GNUPG Manual
Das Handbuch zur GNU Version von PGP
click
click
OpenSSL Handbücher
Apache-SSL und OpenSSL Handbücher
click
click
Crypted filesystems
Wie verschlüsselt man Dateisysteme unter Linux?
click
click
Tunneling Traffic
Wie tunnelt man Plain Protokolle und schützt sich vor Man-in-the-middle Angriffen?
click
click
IPsec verstehen und nutzen
Wie funktioniert IPsec und wie bastel ich mir mit FreeS/WAN ein VPN?
click
click
