[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [office] Encryption and data leakage
I know this is not the last in the thread, but in a bit of a rush at the moment - Robert asked: >Will this be slower because of the double ZIP? I'm not quite sure. I don't think so - can't we just tell the zip not to compress that stream? >I think it might actually be faster because encrypting one big stream should be faster than encrypting many smaller streams. This is worth testing. Certainly so - no need to generate and store new random salt, no need to generate independent HMAC for integrity checking, >There is no opportunity for selective encryption. For example, cannot decide to expose metadata but not content. But this is not typical. And if really needed we could allow metadata to be shadowed in the outer container. Exactly. > Option 2) Don't have two-levels of ZIP, but maintain a shadow directory that is encrypted along with the concatenation of the files in the stream, maybe using the Unix tar method. I'm not sure how this would work. Seems like something not standard to a zip, might be interesting (in a not good way) to implement.