On Sun, Apr 19, 2015 at 11:21 AM, Mick Crane <mick.cr...@gmail.com> wrote: > > >> On 19 Apr 2015, at 06:42, Adam Gold <a...@gmx.com> wrote: >> >> I'm attempting to decrypt a symmetrically encrypted tarball appx 25GB in >> size. It goes as follows: >> >> gpg [file].tar.bz2.gpg >> gpg: AES256 encrypted data >> gpg: encrypted with 1 passphrase >> gpg: packet(7) with unknown version 41 >> gpg: WARNING: encrypted message has been manipulated! >> gpg: packet(5) with unknown version 241 >> >> > The problem with encrypting files for storage seems to be that if there is > any corruption there is no way to get any of it back.
In such cases it might be worthwhile to use some sort of error-detection/correction system. Detecting errors is relatively straightforward (you can sign a message and if the signature fails, it's been modified) but correction is slightly more complex. I generate PAR2 error-correction files[1] for important files or archives. It allows one to detect errors and repair/recover any damaged or lost sections up to a user-defined threshold. It uses more disk space, but it can be a life-saver when dealing with critical files on unreliable storage (and all storage is unreliable). Alas, it's not retroactive and can't repair already-damaged data: you need to generate the PAR2 files when the original file is still undamaged and can then use it to recover damaged data later. In the case of sensitive data, one should encrypt the data first and then generate the PAR2 files -- that way no information about the encrypted content can leak. Cheers! -Pete [1] https://en.wikipedia.org/wiki/Parchive -- Pete Stephenson _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
