


Question

I've got an existing (personal) backup service which I'm rewriting from the ground up to be secure.

At present, I just store files (and diffs) in AWS S3 with no encryption. It works fine but I'd like to make sure my data can't be leaked.

For the sake of this discussion, I'm assuming the S3 data can be read by someone else. I want to be able to do backups without having to provide a key/password on startup.

My current plan is as follows:

Generate a public/private key pair. Store the private key somewhere safe (without writing to local disk). Store the public key locally.

On a per-file basis (or part of file):

+ Securely generate a symmetric key
+ Use the symmetric key to encrypt the file
+ Encrypt the symmetric key using the public key
+ Store the IV, encrypted symmetric key and encrypted file data in S3

Am I correct in assuming that even though all the data from the last point above can potentially be read by someone else, the fact that the private key is required to recover the symmetric key means this is secure?

Am I missing anything obvious?

Explanation / Answer

The basic design you propose is secure. Of course, the security of any working system also depends on the implementation.

However, using public key crypto for backups has little benefit compared to symmetric crypto. The usual arrangement for backups is to have a symmetric key. You store this in two places: your working machine, and in a secure, safe, offline backup. There's no real risk around having the key on your working machine; it is only used to encrypt data that is already present on that machine.

Symmetrically encrypted backups are supported by a lot of software, e.g. Duplicati. This can even do incremental encrypted backups, which I think would be impossible with the public key approach you propose.
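As an added example (not code from either the question or the answer), here are the two arrangements side by side in Go using only the standard library: EncryptHybrid/DecryptHybrid follow the asker's per-file steps (a fresh AES-256-GCM key for the data, RSA-OAEP to wrap that key under the public key kept on the backup host), and EncryptSymmetric/DecryptSymmetric show the answer's alternative of one long-lived symmetric key. The Blob type stands in for whatever gets written to S3; all names, key sizes and the sample input are this example's own assumptions, not the asker's service.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// Blob is one stored object: what the asker's design writes to S3 for each
// file (or file part). WrappedKey is empty in the symmetric-only variant.
type Blob struct {
	Nonce      []byte
	WrappedKey []byte
	Ciphertext []byte
}

// sealAESGCM encrypts plaintext under a 32-byte AES-256 key with a fresh
// random 96-bit nonce (the "IV" of the question). GCM also authenticates the
// ciphertext, so any modification of the stored object is caught on restore.
func sealAESGCM(key, plaintext []byte) (nonce, ciphertext []byte, err error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, nil, err
	}
	nonce = make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return nonce, gcm.Seal(nil, nonce, plaintext, nil), nil
}

// openAESGCM reverses sealAESGCM and fails on a wrong key or altered data.
func openAESGCM(key, nonce, ciphertext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, nonce, ciphertext, nil)
}

// EncryptHybrid is the asker's scheme: a random per-file key encrypts the
// data and only that key is wrapped with RSA-OAEP under the public key that
// lives on the backup host. Nothing on that host can unwrap it again.
func EncryptHybrid(pub *rsa.PublicKey, plaintext []byte) (*Blob, error) {
	fileKey := make([]byte, 32)
	if _, err := rand.Read(fileKey); err != nil {
		return nil, err
	}
	nonce, ct, err := sealAESGCM(fileKey, plaintext)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fileKey, nil)
	if err != nil {
		return nil, err
	}
	return &Blob{Nonce: nonce, WrappedKey: wrapped, Ciphertext: ct}, nil
}

// DecryptHybrid runs on the restore side, where the offline private key is.
func DecryptHybrid(priv *rsa.PrivateKey, b *Blob) ([]byte, error) {
	fileKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, b.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	return openAESGCM(fileKey, b.Nonce, b.Ciphertext)
}

// EncryptSymmetric is the answer's arrangement: one long-lived 32-byte backup
// key, kept on the working machine and in an offline copy, encrypts every
// object. With random GCM nonces under a single key, keep the object count
// well below 2^32 or switch to per-file keys as in EncryptHybrid.
func EncryptSymmetric(backupKey, plaintext []byte) (*Blob, error) {
	nonce, ct, err := sealAESGCM(backupKey, plaintext)
	if err != nil {
		return nil, err
	}
	return &Blob{Nonce: nonce, Ciphertext: ct}, nil
}

// DecryptSymmetric needs the same backup key that encrypted the object.
func DecryptSymmetric(backupKey []byte, b *Blob) ([]byte, error) {
	return openAESGCM(backupKey, b.Nonce, b.Ciphertext)
}
```

The point the asker wanted confirmed is visible in the hybrid pair: the encrypting host only ever holds `pub`, and a reader of the stored Blob gets a 256-byte OAEP ciphertext, a nonce and authenticated data, none of which yields the per-file key without `priv`. The symmetric pair shows the answer's simplification: the same key does both directions, so the offline copy must exist before the first backup, and GCM's authentication means a tampered object fails to decrypt rather than silently restoring garbage.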
