> > > > On Monday, 14 April 2014 03:11:04 UTC+2, Nikolaus Rath wrote: > On 04/13/2014 01:46 PM, Adrin wrote: > > Hi, > > > > I'm not sure if I understand it correctly, but is it true that you are > > storing the AES key along with the data? > > Yes. > > > Then what's the point of encrypting the data in the fist place? > > The AES key itself is encrypted with a second AES key, that is not > stored anywhere (unless you put it in ~/.s3ql/authinfo). > > The reason for having two separate keys is that it allows you to change > your passphrase. If you would encrypt all the data with the passphrase > directly, then in order to change the passphrase you'd have to download, > decrypt, encrypt, and re-upload your entire file system. > > > In contrast, if you have two keys (the "master" key that encrypts the > data, and the "passphrase" that is used to decrypt the master key) all > you need to do to change the passphrase is download, decrypt, re-encrypt > and re-upload the master key. > > > Best, > -Nikolaus > > Hi Nikolaus,
I came across this package because I wanted to protect my data not only from someone who's sniffing the network, but also the data storage provider itself. For this purpose, it doesn't make sense to give the encryption key to the provider. With the current implementation, the only thing the provider needs to do is to brute-force my password. In order to protect my data against that, I will need to have a passphrase with the entropy of 256bits or more, to have an equivalent encryption power to a proper AES 256. And all of this, makes the second layer of the encryption useless. I guess with the current status of the code, we can use it by only having a very strong passphrase, but it's doing lots of extra non-useful space on the server, as well as useless computation. Could we add a feature to the code to read the key from the client instead of the server? Best, Adrin. -- You received this message because you are subscribed to the Google Groups "s3ql" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
