[Box Backup] Asymmetric vs symmetric encryption

[Chris Wilson]

Hi Greg,

On Fri, 30 May 2008, Greg Bolshaw wrote:

> It seems that a limitation exists in Box Backup in that the whole system 
> relies on the safe storage of the certificate file. If this is lost, the 
> backups are rendered useless.

Not certificates but the keys file.

> Would it be possible to offer symmetric encryption as an alternative? 
> This would work in a similar way to GPG's -c option:

It is symmetric encryption. You're talking about deriving the keys from 
a shorter password that's entered manually. It is possible but I don't 
know any standard tools to do it easily. You could do something like this 
to generate your keys file from a password:

dd if=/dev/zero bs=1k count=1 \
| openssl enc -bf -K `echo mypassword | md5` -iv 1234 \
> bbackupd.keys

This generates the same keys file every time, in my quick tests.

> A secret passphrase would be used to encrypt/decrypt the backup data 
> rather than a certificate. This would just leave the issue of how to 
> authenticate bbackupd against bbstored.

That's a completely separate problem which involves a certificate, but one 
that is easily replaceable.

> Understandably, it would be less secure to protect data using a 
> passphrase (which could then be subject to a brute force attack, etc.), 
> but in the balance of security and practicality, would this be a 
> reasonable compromise? (pun unavoidable!)

It's much less secure, but if you want it you can do it.

What's wrong with backing up the raw keys onto a CD, encrypted by GPG with 
a passphrase, and keeping that CD somewhere safe?

Cheers, Chris.
-- 
_____ __     _
\  __/ / ,__(_)_  | Chris Wilson <0000 at qwirx.com> - Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL Developer |
\ _/_/_/_//_/___/ | We are GNU : free your mind & your software |