On Nov 28, 2006, at 08:44, Benjamin Chambers wrote:
I'm doing some more testing for a client of ours, but this looks to be the fault of me running through tests too quickly and possibly killing a process somewherealong the line.
Out of curiosity, what kind of backup and restore performance are you seeing in your testing? I've started doing some profiling, and found that (unsurprisingly) a huge amount of cycles are expended RSA signing the per-file digest. Decreasing my key size from 2048 bits to 1024 bits thus increased performance, significantly.
The next thing I'm going to look at doing is supporting HMAC in addition to public-key based signatures. It's *MUCH* cheaper -- I expect a speed up of 30%, but it does have different properties in our usage: - HMAC can not provide non-repudiation -- anyone with access to the shared key (ie, the file daemon and any master key holder) can generate a valid HMAC, so you can not prove that the file daemon generated the HMAC. - HMAC can not prevent other key holders (ie, master key holder) from generating a valid HMAC for 'invalid' data. - HMAC can not be used to validate file contents without access to the shared key. Contrast this to RSA signatures, where anyone can validate the backup's signature with only public keys.
I don't think these properties will be a major issue for most users (master key holders should already be trusted, HMAC keys are only used once per session), and will result in a considerable speed increase, without exacting a per-file toll for larger RSA key sizes. I'm planning on maintaining support for RSA file signing for those who are willing to pay for the extra overhead in exchange for the benefits of RSA signing.
The other thing I'm concerned about is the lifetime of the backup session key -- currently, the same session key is used to encrypt all files in an entire backup. A new key is recomputed for every job. I'd like to implement configurable re-keying based on data thresholds, eg, after encrypting n number of bytes, rekey.
Lastly, I would -very much- appreciate a cryptography code review by any interested crypto-aware parties.
-landonf
PGP.sig
Description: This is a digitally signed message part
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
