duplicity-team team mailing list archive

Thread
Date

Re: [Question #689862]: What would be a real-world scenario to prefer public key encryption to the default symmetric encryption?

To: duplicity-team@xxxxxxxxxxxxxxxxxxx
From: edgar.soldin@xxxxxx
Date: Tue, 14 Apr 2020 16:38:54 +0200
Autocrypt: addr=edgar@xxxxxxxxx; prefer-encrypt=mutual; keydata= xsFNBE0iDLoBEADlSWA+orbwy0NzYvuPSXL7eEz5w3A/vCfqsL2vlN9qFdnOfgrMAnWNqxtL yQXMqawO8tnIXm9gXl8Cn1F6wo75RiRt3UrkJJT+EuXqyndXibcGF3ukOU8osf1l++kGRlad QeavIl9Y9daDYX7MhC22cdLNd24Lk8bHpueQ1zjknGuCmCPUY+/DYCJAMPVi0hQHv3VSCBbz YGvPtBvXd3Dqio49tSdssLyAg+MKbDOXzEhPmPUyfPbs1z/eyIvn5KYETCxLEhqVBMAyYuYH tq1EY1row51Tnaaz81inTnQLyd4Wx1uRFZNX4YSaUI6DuA2RwrTO/dGZBkvugVK5j+127uOw 6/dJr39n4VYs4getwREC0o/QpAv4oUne7lxAiLxBnaj2g0vpJXgsFlLiRgF3ut/QFLawydNK HfJRypBGvaPUliKUI7Sy15neOP9C0RyBcS5bJ3wR4e/x5vJ1I8TlsN7Gbt/MG8zrkY50Bqwp PtPQv3GxGgNJFs3rIJYNXDYaOuKA4cpLXVZi2f1pS7kMncFYkUu21Tjex3NS94NOSyEXh7w9 q46Z5QmMYpFCCd3JhpH22ZnKeHZnibbOYeKV5/VsiAu/Imp6duCVinSDjtXYa2eJYTHiP5vJ p8YHBqO/EWr+omrTtWlkQ0AxZuB0LIJlm/85mcn6kT7oDHg0wwARAQABzR5FZGdhciBTb2xk aW4gPGVkZ2FyQHNvbGRpbi5kZT7CwXgEEwECACIFAk0iDLoCGyMGCwkIBwMCBhUIAgkKCwQW AgMBAh4BAheAAAoJEO1SmFfrMhVgU9IQANV1zhG+U2WLNYwShrFdLcZWn4qFgpRYMSEQahme +sqvckMd+DsCuOsFQoa1ILvRjeMFNoY5Y/Rc+M8c1NVbNXu0ad9mv4CymKRsLJWaDZPvubh/ kmyMpIC3muFN8EDwFVL1068Lkj0zQO9fgj90+BAkzvSMsmS9tTEH+4K8tROcbg1wMOoaf/U2 aiBPKEAAuFeIpecztHG8oilE7z9b0dU4yt+mTq52fXQSy6oHOM2RBh7ZrQ/VvPrj/Oj+eB6E Phe1PrnM5xyKg4H2nY/wKF5VMzgs3XkpHb3d56i4mQWCm69/dZ1tFwHZ+SCPr0BJjnD9d23c pI/eDcqedGS3IDY4D6rWAW0xODxqNImJB1+3rCtFFMWz25pQ3O4CtL1qIt5yy0Zr2IKf4cO5 M8gFUqdu1ElEyOQqyCfiXzesddL05LXbItQxNInTLmpJri1y3WaHhVI8qnUiQC3yfxUDsuZ4 BV62GCtD0IjvdimpcStQUyB9c4t1RygpAKZ2I6RfmHQt8GsuZdiVYhF+G/D8n8RcwdJkRYsk wr6HlzXW0v8ez7WoXxXGniAzvagj/fBwHdKOc50Cb9Bml5Gf4dW0AkAa/a2omBWRRykjIwR1 OVTc0N7VUS8TAqQ9Ox7Vg/dK+Y8+H8dYnBmKhnGoTv/Jl4ApLeXo8nkNqrhUJve8tsD/zsFN BE0iDLoBEADgAA8bJ0ROgebC4JQxD7fsceGTFrbkqWu0+3DqoTPSuuBWOMRIKNJ3vLELxeE4 J0+9GWf6oW7hPhGunyw3E5aJmyV85YeUQctqtaRSOTJyT6LYUfS+DjcLtOe45inzfeRjQIRl I5gRDBhgxRj39MGCqaxlzyeIv3zmUY59wUoaxrs9UfQLUrLMdpjpgaeVhmQ5lqIY85BYiWCz 8FoeC1thx2AYWcn6TAqs/3lfVoh00ghqhoi0AVCcruX8T1hjd7Z4BEysQ2Gfd2/+ecuM0mD4 KYWpqIBQrYpSLD9xWFZphYgYi/bVwA9zPPgguxZcRx6N7+NWe6i62+Mn0zaY4tPTglGY82rA 9V2wtqTprnoefDWfd4Hc7tMBZ6EtOh8fGWVRioG7lV9RPsmj6IyfmDKNGebWyu6Qd0djIVmt EdrDr6R9XHeVFPCeiK/hi7C4eWpT+b+XIJFQNTB3GwPGz347Hl2BxBTA9Vv5szL6e+Y1r0Wy hS9nOjHWGt2Fwh/CSNTA19DL4BAQPNmzTUEcyT2JpRVfMcQpF1k6C0LT0IB53acFeQDR2h0u 0nazuHfokgr1t2TU/pJaCBZU6jWLPKw0s/sY3Xm24U+/Vyo8EM8+yLc1eYH070FGiIBPpNRx e7empJn9c1DmTYDgBoBUzRskwql1gBkebFJb9eQty2SR9wARAQABwsFfBBgBAgAJBQJNIgy6 AhsMAAoJEO1SmFfrMhVgFpAQAK7V1Yx+nk15EgMvBizOEKH+7b9KLJNBhIGaX20kX77Rem9X ILG8hpBAmTgiQzYOX9P490bdaYFZ1pjmPys87MtnaLmOv5dAS94AtosX4ZOhAoWIzLxTU0LN DdTr++pQ/MjTg2DrOUiuNxep2dNwDTQuV/1wlabvEUMLRHT3b5Vr6tUZbVfnsYElLHdX+EAB 1sTWJc27PgjhZuVtWnibwHFeatwDw2kxgs81MZIaCeqyj/aWMf/n2wXrjKyhso7r3jWAGR+1 ov89NtfcKUkRF37sfmZoXo723J+6b2ThKgpuHfr1np1vsi3Ddb5BAvB10cAaSvjEZlDqgMng 9ir/z87B8JT5t4nB38UlGPijrovmBiBovVQzVR4oWGLEhr5py8bSQfZFJfd5Ofw28ui1ypQT l8w7KMOWJSOVpvVdhfYYMWR+SXgDkT53yQJKpJ1YxlkzTCOY2C8D009iTXkTp1ggZCneak67 ZfTXMCxACkOWfCRbGW4yQ/w5h0PJknN6PX6ACCiMLnxXZ4DZ6YK07y7ZrU7zQpMqpUUUdaGw gJ3Re87PXxIA8tJV6xIyLaq+N+/0oyPCqF/4pZQs1xQRxr9G57DUWKLxt3u9CG5tVw1iFrs3 44PTKtPrK2kHGpHk6iCEFkCK8anlY/KBSnDrdzLC7tMnSLMz3Tj4kUP8/c+J
In-reply-to: <158686971066.5752.689136355364169977.launchpad@loganberry.canonical.com>
User-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0

On 14.04.2020 15:08, Andreas Schmidt wrote:
> Question #689862 on Duplicity changed:
> https://answers.launchpad.net/duplicity/+question/689862
>
> Andreas Schmidt gave more information on the question:
> Dear ede,
>
> thank you for your quick reply. You are right, by hindsight a lot of my questions are
> focusing more on gnupg and its integration into duplicity, than on duplicity itself.

wrt. integration. simply explained duplicity creates backup files and then encrypts them via gnupg. or to say it in another way essentially there is no difference to an email program or any other software using gnupg. duplicity creates a file, encrypts it, uploads it. duplicity retrieves an encrypted file, decrypts it, restores/verifies data.

> I should probably reformulate my questions:
>
> - Did you or someone else in the team come across a scenario, in which it is useful to not having
>   to expose the private encryption key for backups with duplicity?

the whole private key issue derives from a misunderstanding anyway. users are rightly reluctant to put their private key on some machine connected to the internet. but they _do not_ need to! the proper approach is to encrypt against several public keys: one being unique to the local machine, another being your own public key. this way only the local private key is needed for decryption as it is need for signing anyway. if the local key get's lost for some reason you can still decrypt using your own private key on another machine as a last resort.
this whole idea can be extended by as many keys you want to encrypt against. in case you are in the habit of loosing them weekly or whatever ;)

>   This is what I meant when I wrote at the beginning, that I might be missing something obvious:
>   I agree with you, that if the system is compromised, the backup is likely to be a lost cause too.

not only likely - definitely is, at least is to be treated as such. the attacker can modify your data which will be backed up by the usual duplicity backup routine. so the backup will look good, but the data still isn't proper anymore.

>   Therefore, even with all my pondering summarized above, I still struggle to understand, why
>   someone would want to go down that rabbit hole.

which rabbit hole exactly?

> - Also related to https://lists.launchpad.net/duplicity-team/msg02374.html and the remark

yeah, also me advocating the multiple key approach :)

>   regarding verifying the backups, what is your or the teams opinion regarding the usage of
>   Amazon Glacier, especially because version 0.8 seems to support it out of the box?

none specific wrt. me. to each their own.

>   I am aware, that periodical verification of backups is not limited to duplicity as well, the reason
>   for this question is, that I am struggling to reconcile this requirement, the statements in
>   the linked post and the flag "--s3-use-glacier".

if you want to or can afford S3 that is your decision. the fact that the service charges per traffic volume does not make it attractive from my point of view, but who am i to tell people which backend to use.

> - Finally, if you had the time and leisure to read through my admittedly somewhat circuitous
>   insights outlined above, I would be grateful if you let me know, if you think that additional

yeah, well, no sorry. if you could boil it down to some short concise questions maybe.

>   aspects are incomplete or incorrect, besides the fact, that the destination would have to be
>   "append only" and that it is likely unavailing in any case.
well. append only can also mean that on the repo side, daily snapshot are done so that you can verify that your past chain's files were not modified after being created. or daily checksums are taken. it's up to your creativity really.

the primary target of duplicity is "backup to a potentially untrusted backend" meaning you assume that someone might have access to it. that's why you should
- idealy backup to several repos (using a local file:// target and distribute from there or using multi:// backend)
- verify periodically to make sure your backups are uncorrupted

stay healthy ..ede/duply.net

References

Re: [Question #689862]: What would be a real-world scenario to prefer public key encryption to the default symmetric encryption?
From: Andreas Schmidt, 2020-04-14