[cryptography] Keyspace: client-side encryption for key/value stores
iang at iang.org
Mon Mar 25 06:57:34 EDT 2013
On 25/03/13 13:42 PM, Ben Laurie wrote:
> On 23 March 2013 16:21, danimoth <danimoth at cryptolab.net> wrote:
>> On 21/03/13 at 03:07am, Jeffrey Walton wrote:
>>> Linux has not warmed up to the fact that userland needs help in
>>> storing secrets from the OS.
>> but maybe I have misunderstood your statement.
> Does anything implement this service?
> BTW, a colleague and I are working on improving the state of secret
> storage on Linux (and other free OSes), particularly using the TPM,
> but also in general, so I'm quite interested in suggestions :-)
I suggest more precision :) Saying "secrets for Linux" is a bit like
saying "dressing for Sunday." Are you going to church or going skiing?
The storage of secrets for server linux will be markedly different to
the storage of secrets on android phones. One can rely on a strong
context within the hard drive, sysadms who carefully back things up and
ensure live cycle, a healthy skepticism of cloud.
The other gets stolen and borrowed and hacked and dropped in the washing
machine and replaced by an iPhone or a dumb phone or wifi phone or a
More information about the cryptography