RFC: end-to-end compare -aq (Was: Re: [Box Backup] Win32 native client service bbackupd.conf)

[Gary]

> > Would it make sense for the client to download, from the server, a  
> > list of blocks where the information supplied about each block is  
> > (1) the IV used previously by the client to encrypt that block, and  
> > (2) the current checksum on disk (on the server) of that block,  
> > freshly computed by the server?

> Yes, I think that would do the trick nicely.

The server actually stores those IVs? Interesting - what for? I presume they are stored on the
serever in an encrypted state?

I missed that when looking through the sources.

> It doesn't require the server to be trusted any more than the minimal  
> "store files and let us retrieve them intact" requirement.

The alternative of the client sending up to the server the ciphertext along with strong checksums
for the ciphertext, to be stored and compared by the server later on, would also allow for an
end-to-end bbstoredcheckaccount (without requiring client cooperation).

G.


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com