Encryption
Shachar Shemesh
rsync at shemesh.biz
Fri May 13 12:32:39 GMT 2005
Gary Holzer wrote:
>Hi All,
>
>I am using rsync to backup our office server to our Internet server (RHE).
>As an association for doctors we are looking at providing a backup service
>for their practices using rsync. As it would be patient data it would need
>to be encrypted. I have found a few options, namely
>
>esync
>wurt
>rsyncrypto
>
>Does anyone have experience with the above and perhaps like to recommend
>one? On the client side we are on Windows boxes using cygwin.
>
>Thanks
>
>
I am (as you know) the maintainer for rsyncrypto. I looked a little into
esync (a while back, I'm not sure I fully remember the differences,
though). I have no idea what wurt is, so a link would be greatly
appreciated.
The main difference between rsyncrypto and esync is in the amount of
state information stored between operations. With rsyncrypto, this is a
mere 52 bytes, containing the initial value for the CBC, the symmetric
encryption key for the file, as well as three parameters used to
determine CBC resets. This information is enough to make a repeated
encryption of the same file (modified or not) identical enough to the
original that rsync will manage to pick up just the differences. This
52 byte file is fully recoverable from the encrypted file, if you have
the assymetric private key.
Esync, assuming I understood it correctly, actually requires keeping
around enough information about the properties of the reset points (it
uses a completely different algorithm). On first reading the esync
algorithm sounded like one having a cryptographic weakness, but:
1. It was a long time ago, and I don't remember the details.
2. On second reading I remember thinking that the hole was plugged after
all, at the expense of performance.
3. I cannot be said to be impartial, being as I maintain a "competing"
technology.
Also with esync:
- You need a custom version of rsync on both ends.
- May be relevant for you - there is no Debian package :-)
Bear in mind that any manipulation to an encryption system to make it
rsync friendly means that we are weakening it. This is obviously true
for rsyncrypto too. Myself, I'm fairly confident that the weakening is
nothing to be worried about, but do bear that in mind. This is stepping
off the trodden path, a cryptographic risk, in exchange for better
network performance.
As for experience, rsyncrypto is part of a commercial backup service my
company is running, so you can say I have some experience with it, yes :-).
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
More information about the rsync
mailing list