[Popcon-developers] Drop atime and ctime for privacy reasons possible?

adrelanos adrelanos at riseup.net
Sun Oct 28 18:40:13 UTC 2012

Bill Allombert:
> On Sun, Oct 28, 2012 at 04:50:54PM +0000, adrelanos wrote:
>> Bill Allombert:
>>> On Sun, Oct 28, 2012 at 04:25:23PM +0000, adrelanos wrote:
>>>> Bill Allombert:
>>>>> On Sat, Oct 27, 2012 at 11:48:45PM +0000, adrelanos wrote:
>>>>>> Bill Allombert:
>>>>>>> On Sat, Oct 27, 2012 at 09:55:22AM +0000, adrelanos wrote:
>>>>>>>> Paul Wise:
>>>>>>>>> On Fri, Oct 26, 2012 at 6:37 PM, adrelanos wrote:
>>>>>>>>>> for privacy reasons.
>>>>>>>>> In addition, it would be great to see popcon.d.o switch
>>>>>>>>> to SSL to
>>>>>> add privacy.
>>>>>>> I would rather use gpg.
>>>>>> gpg is fine.
>>>>> Could you do some benchmark ? - Generate a popcon report on a
>>>>> system with a large number of packages
>>>> installed,
>>>>> - Encrypt it with gpg --armor with some public key. - Then
>>>>> decrypt it 1000 times with the matching private key. - Compute
>>>>> time. - Retry with a different keylength or algorithm.
>>>>> Cheers,
>>>> ~100 KiB popcon file encrypted with 4096/4096 gpg key.
>>> What does mean 4096/4096 ? RSA 4096 ? What symmetric encryption
>>> scheme is used?
>> RSA 4096 asymmetric encryption.
> Thanks. What is the underlying symmetric encryption ?
> (RSA is used to encrypt a symmetric key used to encrypt the message.
> The decryption time depend on the symmetric algorithm. Normally it is
> some variant of AES. This can influence the running time.)

gpg showpref:

     Cipher: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify

I didn't manually overwrite so I believe it was AES256.

> I read your script and you do not use ASCII armoring. Could you retry with
> using ASCII armoring ? I would prefer to avoid binary transmission in 
> popcon protocol, but it might have a performance penalty.

I already created a file with armoring. In format...

As the comment at the top of the script tells "gpg --armor --encrypt"
was used to encrypt the file.

Please tell me if I should have used another switch, I only know --armor.

More information about the Popcon-developers mailing list