[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tarsnap-users
Subject:    Re: Key file passphrase
From:       Colin Percival <cperciva () tarsnap ! com>
Date:       2011-10-12 18:15:48
Message-ID: 4E95D954.3050201 () tarsnap ! com
[Download RAW message or body]

On 10/12/11 09:11, Pham Bao Trung wrote:
> The documentation doesn't say anything about which cryptographic algorithm is
> used for keyfile encryption. What is it?

Tarsnap's keyfile encryption uses the scrypt KDF and AES256-CTR + HMAC_SHA256.

> It stresses to keep the keyfile safe but seem not encourage the usage of
> passphrase, doesn't it?

The most common use of Tarsnap is on servers via cron jobs, so it isn't always
possible to use passphrases.

-- 
Colin Percival
Security Officer, FreeBSD | freebsd.org | The power to serve
Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid
[prev in list] [next in list] [prev in thread] [next in thread]