[Cryptography] encrypting bcrypt hashes
Tom Mitchell
mitch at niftyegg.com
Mon Mar 13 20:10:04 EDT 2017
On Mon, Mar 13, 2017 at 1:58 AM, Robin Wood <robin at digininja.org> wrote:
>
....
>>
>> Again the security depends on the difficulty of exfiltrating such a large
>> data set, not on a short key that that is relatively easy to steal.
>
Also a single file would be opened by a very short list of processes.
Access control lists apply. Even advisory access control can be used to
trigger alerts.
Also the number of active "open" states can also be watched.
So the OS services also come to play.
--
T o m M i t c h e l l
More information about the cryptography
mailing list