Strong encryption

[jw schultz]

On Wed, Jun 05, 2002 at 11:42:12AM +0200, C.Zimmermann wrote:
> We need to encrypt files before transferring them to the destination
> Host for security reasons.
> Encryption must be strong:  IDEA, 3DES or similar.
> One way would be the integration of PGP into rsync.
> 
> Is there any PGP integration into rsync available ?
> 
> Thank´s Clemens

You are a little vague here.  Do you mean you need the
transmission encrypted or that you want the files to be
stored encrypted on the destination?

If you want the transmission encrypted use rsync over ssh
or you can look into encrypted tunnels and VPN stuff.

If you want them stored on the destination encrypted you
will need to keep them encrypted on the source.  Rsync won't
be able to compare an encrypted (cyphertext) file with an
unencrypted (plaintext) one.  For rsync to support
encryption it would need to be able to decrypt your files
and that would be very insecure.

If you keep the files encrypted on the source and
destination you might as well use the rsync -w option
because for encryption to be effective it truly does need to
randomize the data rendering the special efficencies of
rsync moot.  Additionally, for the class of cyphers you
mention to be secure they need long keys that change
frequently and are best generated randomly and then
encrypted using even more secure cyphers.  This randomness
assures that no file will be encrypted to the same
cyphertext twice.

Sorry if i bowled you over on the cyphertext files issues.
Hopefully all you needed was a pointer to secure
transmission.  If not, a coherent description of why the
need for encryption may help us find a way to meet your
needs.

-- 
________________________________________________________________
	J.W. Schultz            Pegasystems Technologies
	email address:		jw at pegasys.ws

		Remember Cernan and Schmitt