After reading through the man pages and the available documentation a few times, my understanding is that rsyncrypto works by generating a symmetric key for each file you're encrypting, and saving that symmetric key to a file. It then encrypts the file using that symmetric key, encrypts the symmetric key with a public key, and concatenates the encrypted symmetric key to the encrypted file. The purpose of this is so that each file can be encrypted with a different key, but even if you lose the symmetric key file, the data can be decrypted by using the private key (private key decrypts symmetric key in the file, symmetric key decrypts the file itself).
I think I'm missing something about how rsyncrypto works, because in the model of understanding I just described, you ought to be able to decrypt files using only the keyfile or private key. While I've seen that you can decrypt the file using just the private key, use of the key file in decryption requires that you also provide the public key. I'm confused as to why this is. It seems as though if you have the symmetric key already, you could just decrypt the data and disregard the embedded copy of the same symmetric key. What is the public key used for during decryption, or what am I missing?
------------------------------------------------------------------------------
_______________________________________________ Rsyncrypto-devel mailing list Rsyncrypto-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rsyncrypto-devel
