Shachar,
I fully agree with you, thanks for your explanation.
Regards,
Jan
_____
Van: Shachar Shemesh [mailto:shac...@shemesh.biz]
Verzonden: vrijdag 31 juli 2009 13:06
Aan: Jan Alphenaar
CC: 'L-rsyncrypto'
Onderwerp: Re: Partial transfer of rsyncrypto encrypted files
Jan Alphenaar wrote:
Shachar,
Ok, mystery solved. After the file is encrypted for the first time, my
script deletes the key file. When the file is encrypted a second time,
rsyncrypto creates a new key file, and also generates a completely new
encrypted output file (that is why rsync is fully transferring the file
again).
If the key file is not deleted, rsyncrypto delivers the same output file, so
rsync can use the rsync algorithm.
This leaves me here with one question. Is it possible to have the same
encrypted file without keeping the key file on my pc ?
Thanks for the replies.
Regards,
Jan
Rsyncrypto, while doing lots of stuff differently, is still modeled after
the classic encryption method. This means that there is one asymmetric key
to unlock all the files, but each file is encrypted with its own symmetric
(or "session") key. This is done for security considerations, and cannot be
turned off without some serious rethinking of the security of the process.
If you delete the session key, the only place it is kept is, encrypted,
inside the encrypted file. In fact, it is this re-encryption of the session
key that is the header that changes between encryptions. If you just run
rsyncrypto again, a new session key will be generated, and, obviously, the
file will look completely different.
All is not lost. If you have the RSA private key and the old encrypted file,
you can use rsyncrypto to recover the previous session key. Simply perform a
decryption, and the session key will be generated. Then use that same
session key to encrypt again.
Of course, with the session key being 68 bytes and your encrypted file being
1GB, the simplest thing to do is just keep the session key around and not
erase it.
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting Ltd.
http://www.lingnu.com
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Rsyncrypto-devel mailing list
Rsyncrypto-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rsyncrypto-devel
