duplicity-talk
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before

From: Kenneth Loafman
Subject: Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?
Date: Wed, 13 Jul 2011 20:39:40 -0500
On Wed, Jul 13, 2011 at 7:07 PM, Martin Pool <address@hidden> wrote:
On 14 July 2011 01:53, Chris Poole <address@hidden> wrote:
> (Thus, it's very important to sign
> backups being stored in untrusted locations.)

Yes.

I don't think there's much point having ad hoc partial checks for
malicious changes when signing gives you reliable protection.  An
attacker could always replace the manifest too.

Signing gives you detection for changes in the consistency of the file.  The only reason for the hash is to allow quick verification that the network has not screwed with the file and does not require any keys or decryption to use.  It's a quick check that can be done on the way down.  Checking against the sign key would be a lot more processing.

Good points on using signing for added protection.

...Ken

reply via email to
[Prev in Thread] Current Thread [Next in Thread]