duplicity-team team mailing list archive

Thread
Date

Re: [Question #689862]: What would be a real-world scenario to prefer public key encryption to the default symmetric encryption?

To: duplicity-team@xxxxxxxxxxxxxxxxxxx
From: edso <question689862@xxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 13 Apr 2020 16:03:27 -0000
Reply-to: question689862@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Question #689862 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/689862

edso posted a new comment:
a little off topic here, as your question is generally

"What is the advantage of asymmetric encrytion over symmetric using
gnupg?"

so everything answering that, answers it with respect to duplicity as
well ;). this assumes that a third party has access to the encrypted
data only of course.

looks like you are mixing that with what happens if a third party gains
access to your system where the encryption/backup happens.

i'd answer as follows: in short, that is the worst case. no backup software can help anymore at that point.
the attacker can modify the data as such. additionally due to access to the backup repo older backups may be modified by the attacker. from that moment on the case is a lost one.
the only preventive measure here is to backup to a location that does not allow the modification of backup data once it's uploaded completely. this way you can safely go back to a point in time where your data was uncorrupted.

..ede/duply.net

-- 
You received this question notification because your team duplicity-team
is an answer contact for Duplicity.