[Popcon-developers] Drop atime and ctime for privacy reasons possible?

Subject: [Popcon-developers] Drop atime and ctime for privacy reasons possible?
From: adrelanos@riseup.net (adrelanos)
Date: Sun, 28 Oct 2012 18:40:13 +0000
Message-id: <[🔎] 508D7C0D.7050503@riseup.net>
In-reply-to: <[🔎] 20121028180148.GC4718@yellowpig>
References: <[🔎] 508A67CC.7060507@riseup.net> <[🔎] CAKTje6EFVOOO3x1oXhNWEYZAR4yU=a4o8dCkvuu1yc214NqmkQ@mail.gmail.com> <[🔎] 508BAF8A.2050404@riseup.net> <[🔎] 20121027224535.GC17773@yellowpig> <[🔎] 508C72DD.2070505@riseup.net> <[🔎] 20121028104012.GD17773@yellowpig> <[🔎] 508D5C73.3050604@riseup.net> <[🔎] 20121028164114.GB4718@yellowpig> <[🔎] 508D626E.7080506@riseup.net> <[🔎] 20121028180148.GC4718@yellowpig>

Bill Allombert:
> On Sun, Oct 28, 2012 at 04:50:54PM +0000, adrelanos wrote:
>> Bill Allombert:
>>> On Sun, Oct 28, 2012 at 04:25:23PM +0000, adrelanos wrote:
>>>> Bill Allombert:
>>>>> On Sat, Oct 27, 2012 at 11:48:45PM +0000, adrelanos wrote:
>>>>>> Bill Allombert:
>>>>>>> On Sat, Oct 27, 2012 at 09:55:22AM +0000, adrelanos wrote:
>>>>>>>> Paul Wise:
>>>>>>>>> On Fri, Oct 26, 2012 at 6:37 PM, adrelanos wrote:
>>>>>>>>>
>>>>>>>>>> for privacy reasons.
>>>>>>>>>
>>>>>>>>> In addition, it would be great to see popcon.d.o switch
>>>>>>>>> to SSL to
>>>>>> add privacy.
>>>>>>>
>>>>>>> I would rather use gpg.
>>>>>>
>>>>>> gpg is fine.
>>>>>
>>>>> Could you do some benchmark ? - Generate a popcon report on a
>>>>> system with a large number of packages
>>>> installed,
>>>>> - Encrypt it with gpg --armor with some public key. - Then
>>>>> decrypt it 1000 times with the matching private key. - Compute
>>>>> time. - Retry with a different keylength or algorithm.
>>>>>
>>>>> Cheers,
>>>>
>>>> ~100 KiB popcon file encrypted with 4096/4096 gpg key.
>>>
>>> What does mean 4096/4096 ? RSA 4096 ? What symmetric encryption
>>> scheme is used?
>>
>> RSA 4096 asymmetric encryption.
> 
> Thanks. What is the underlying symmetric encryption ?
> (RSA is used to encrypt a symmetric key used to encrypt the message.
> The decryption time depend on the symmetric algorithm. Normally it is
> some variant of AES. This can influence the running time.)

gpg showpref:

     Cipher: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify

I didn't manually overwrite so I believe it was AES256.

> I read your script and you do not use ASCII armoring. Could you retry with
> using ASCII armoring ? I would prefer to avoid binary transmission in 
> popcon protocol, but it might have a performance penalty.

I already created a file with armoring. In format...
-----BEGIN PGP MESSAGE-----
...
-----END PGP MESSAGE-----

As the comment at the top of the script tells "gpg --armor --encrypt"
was used to encrypt the file.

Please tell me if I should have used another switch, I only know --armor.

Reply to:

Follow-Ups:
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: Bill.Allombert@math.u-bordeaux1.fr (Bill Allombert)

References:
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: adrelanos@riseup.net (adrelanos)
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: pabs@debian.org (Paul Wise)
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: adrelanos@riseup.net (adrelanos)
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: Bill.Allombert@math.u-bordeaux1.fr (Bill Allombert)
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: adrelanos@riseup.net (adrelanos)
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: Bill.Allombert@math.u-bordeaux1.fr (Bill Allombert)
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: adrelanos@riseup.net (adrelanos)
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: Bill.Allombert@math.u-bordeaux1.fr (Bill Allombert)
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: adrelanos@riseup.net (adrelanos)
- [Popcon-developers] Drop atime and ctime for privacy reasons possible?
  - From: Bill.Allombert@math.u-bordeaux1.fr (Bill Allombert)

Prev by Date: [Popcon-developers] Drop atime and ctime for privacy reasons possible?
Next by Date: [Popcon-developers] Drop atime and ctime for privacy reasons possible?
Previous by thread: [Popcon-developers] Drop atime and ctime for privacy reasons possible?
Next by thread: [Popcon-developers] Drop atime and ctime for privacy reasons possible?
Index(es):
- Date
- Thread