OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [office] Encryption and data leakage

I know this is not the last in the thread, but in a bit of a rush at the moment -

Robert asked:

>Will this be slower because of the double ZIP?  I'm not quite sure.  

I don't think so - can't we just tell the zip not to compress that stream?

>I think it might actually be faster because encrypting one big stream should
be faster than encrypting many smaller streams.  This is worth testing.

Certainly so - no need to generate and store new random salt, no need to generate independent HMAC for integrity checking,

>There is no opportunity for selective encryption.  For example, cannot
decide to expose metadata but not content.  But this is not typical.  And
if really needed we could allow metadata to be shadowed in the outer


> Option 2) Don't have two-levels of ZIP, but maintain a shadow directory
that is encrypted along with the concatenation of the files in the stream,
maybe using the Unix tar method.

I'm not sure how this would work. Seems like something not standard to a zip, might be interesting (in a not good way) to implement.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]