>Aham Brahmasmi wrote:
>> In my limited understanding, to securely backup and restore a file, the
>> steps are:
>> 
>> To backup:
>> Step 1 - encrypt the file using a tool
>> Step 2 - sign the encrypted file using a tool
>> Step 3 - backup the signature and the encrypted file
>> 
>> To restore:
>> Step 1 - verify the encrypted backup with its signature
>> If Step 1 exits with success,
>> Step 2 - decrypt backup to file
>> If Step 2 exits with success,
>> Step 3 - use file to restore

The signature verification step is useless: if someone can change an
encrypted file on your backup system then they can change the corresponding
signature file on the same backup system too.

If you use (symmetric) encryption then there is probably no need for a
signature in your simple use case anyway: if the encrypted file correctly
decrypts (which is usually easy to tell for data files like text or images)
with the password that only you know then you can assume that nobody
changed the content of the encrypted file on your backup system.  If
someone changed the content of the encrypted file on your backup system
then, when you try to decrypt it, either the decrypt will fail or the
result will look like random garbage (hence the "usually easy" above).

If your goal is just to prevent people from looking at the content of your
file if they somehow access your backup system then encryption is really
all you need.  If you're worried that people might actively try to attack
you through your backup system then you have bigger problems which are
probably beyond what random people on a mailing list can help you with...

Roderick wrote:
>I do use openssl for encrypting files in my laptop.

So do I.  I only encrypt the 0.001% of files that are really important and
then those files are encrypted on my computer too, not just on the backup
system (because if a file is important enough to be encrypted on your
backup system then it's probably important enough to be encrypted on your
computer too).  Something like:

openssl enc -aes256 -e < foo > foo.aes256

then I delete foo.  (To decrypt use the -d option instead of -e; and read
carefully the openssl(1) man page before you type the command above because
you have no reason to trust me, right?)  Then I do backups without worrying
about whether a file is encrypted or not.  YMMV.

Philippe
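
What a modified ciphertext looks like on restore, as an added example that is not part of the original post: it encrypts a constructed file with the post's `openssl enc -aes256`, optionally flips one bit in the encrypted copy, and reports the decrypt exit status and whether the restored file matches a SHA-256 digest taken before encryption. The passphrase, file names, helper functions and the digest kept off the backup system are assumptions of the example.

```shell
#!/bin/sh
# Added example: effect of a one-bit change on an `openssl enc -aes256` file.
# Passphrase, file names and helper names are constructed for this demo.
PASS='constructed-demo-passphrase'

# Same cipher option as the post, with -pass so it runs unattended.
# stderr is silenced because newer OpenSSL warns about the default KDF
# (on OpenSSL 1.1.1+ adding -pbkdf2 to both commands selects a stronger one).
encrypt() { openssl enc -aes256 -e -pass "pass:$PASS" < "$1" > "$2" 2>/dev/null; }
decrypt() { openssl enc -aes256 -d -pass "pass:$PASS" < "$1" > "$2" 2>/dev/null; }
digest()  { openssl dgst -sha256 < "$1"; }

# flip_bit FILE OFFSET: XOR the byte at OFFSET with 1, in place.
flip_bit() {
  old=$(od -An -tu1 -j"$2" -N1 "$1" | tr -d ' \n')
  printf "\\$(printf '%03o' $(( $old ^ 1 )))" |
    dd of="$1" bs=1 seek="$2" conv=notrunc 2>/dev/null
}

# tamper_demo [OFFSET]: encrypt, optionally flip one bit at OFFSET, decrypt.
# Prints "decrypt_exit=<n> digest_match=<yes|no>".
tamper_demo() {
  dir=$(mktemp -d) || return 1
  i=0   # constructed plaintext: ten 16-byte lines = ten AES blocks
  while [ "$i" -lt 10 ]; do printf 'backup line %03d\n' "$i"; i=$((i + 1)); done > "$dir/foo"
  want=$(digest "$dir/foo")   # assumption: this digest is kept off the backup system
  encrypt "$dir/foo" "$dir/foo.aes256" || return 1
  # File layout: 8-byte "Salted__" magic, 8-byte salt, then the CBC blocks.
  # Offset 20 is inside the first ciphertext block, far from the padding.
  if [ -n "${1:-}" ]; then flip_bit "$dir/foo.aes256" "$1"; fi
  rc=0; decrypt "$dir/foo.aes256" "$dir/restored" || rc=$?
  if [ "$(digest "$dir/restored")" = "$want" ]; then match=yes; else match=no; fi
  rm -rf "$dir"
  echo "decrypt_exit=$rc digest_match=$match"
}

tamper_demo      # untouched copy
tamper_demo 20   # one bit flipped in the first ciphertext block
```

With offset 20 the decrypt exits 0 and only the digest comparison shows the change; an offset in the final block (191 here) normally makes openssl exit non-zero with a bad decrypt error.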

