← Back to team overview

syncany-team team mailing list archive

Re: [Bug 825986] Re: Use a safer encyption algorithm

 

I have to agree with Philipp here, AES adoption has never convinced me
properly.

Kinda like what is happening in GSM networks, quite convenient IMHO...
Unless it really hurts performance, Syncany should have solid security
features (one of the key points of Syncany is that you can host it on your
own server, hence secure your data, so it should be done in the best way
possible - consider the possibilities for enterprises).

Best regards!

On Tue, Aug 30, 2011 at 6:08 PM, Michael Ekstrand <michael@xxxxxxxxxxx>wrote:

> What's wrong with AES?  Properly used (CBC or CTR, good keying, etc.),
> it's pretty standard for secure deployments and is a FIPS standard.
>
> --
> You received this bug notification because you are a member of Syncany
> Team, which is subscribed to Syncany.
> https://bugs.launchpad.net/bugs/825986
>
> Title:
>  Use a safer encyption algorithm
>
> Status in Syncany:
>  Confirmed
>
> Bug description:
>  Actually, the algorithms used by Syncany are too unsafe (only AES and
>  3DES). It's a huge security bug IMHO.
>
>  Syncany should be able to use safer encyption algorithms like PGP
>  (GPG) or AES+Twofish+Serpent.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/syncany/+bug/825986/+subscriptions
>
> --
> Mailing list: https://launchpad.net/~syncany-team
> Post to     : syncany-team@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~syncany-team
> More help   : https://help.launchpad.net/ListHelp
>

Follow ups

References