[PATCH] Add xorpipe utility
Laurent Bercot
ska-dietlibc at skarnet.org
Thu Sep 13 04:46:14 UTC 2012
> I wrote a pipeline utility that performs an XOR of the data streamed through it
> using a 32-bit key specified on the command line, intended mainly to serve as a
> sort of poor man's encryption.
Hey Jody,
If you're going to do even poor encryption, better make sure it's not
*too* easily broken:
* don't let users specify the secret key on the command line. The command
line can be seen by every other process on the machine. Instead, take a
file name where you read the secret key: this file can then be given
restricted rights.
(i.e. instead of "xorpipe `cat datafile.key`", use "xorpipe datafile.key")
* 32-bit secret key is really poor. Would it be too hard to make it at
least 128-bit ?
Even though, there's a lot more to cryptography than just encryption, and
there's a reason why a fully encrypted SSH tunnel is slow; but you already
know that. ;)
--
Laurent
More information about the busybox
mailing list