Inefficiency and Security Issues

Inefficiency and Security Issues

Previous Top Next

The encrypted log viewer is EXTREMELY inefficient in terms of cpu usage (speed) and file size requirements for working with encrypted files, because it encrypts each line as a separate entry. A stand along file encryptor or encrypted container program (bestcrypt,drivecrypt,pgp,etc) are more efficicent for long term storage.

Note also that encrypted logging works by encrypting all log files using a single password. this is dangerous to do in the default ECB encryption mode for the following reason:

suppose you are in two channels #Apublic and #Bprivate.

and you log both of these using encrypted logging.

now somone else in #Apublic is also keeping a log of everything typed. they could event type whatever they want in that channel, and on your side you would be encrypting it as it is saved to your log file.

this would permit someone who gained access to your pc and had the plaintext logs for #Apublic to mount a chosen/known plaintext attack against your #Bprivate logs.

this is extermely dangerous because the encrypted log viewer uses ECB mode of blowfish which is vulnerable to such attacks. While we need to use ECB mode for compatibility with other scripts, there is no excuse for the encrypted log viewer using ECB mode, and it needs to be changed right away.

Mircryption has recently added support for CBC mode, which avoids this risk. Please use CBC style keys when using encrypted logging.