starred/kopia
1
0
Fork 0
mirror of https://github.com/kopia/kopia.git synced 2026-04-25 09:55:50 +03:00
Code Issues Projects Packages Wiki Activity
Page: Data Encryption
Pages
Data Encryption Filesystem Google Cloud Storage Home Object ID Repository User Guide
8 Data Encryption
Jarek Kowalski edited this page 2017-07-18 09:28:46 +02:00
Table of Contents

Object data in the Repository is stored unencrypted or encrypted.

Unencrypted mode is recommended for repositories that are stored in trusted locations:

  • Any user with access to of repository can see the contents of all the files, although they can't easily find names of files.
  • This mode supports low-level recovery of data in events where the directory structures maintained by Kopia have been lost.

When encryption is used any user with access to repository and the shared key can decrypt all files, although they can't easily find names of files.

  • Per-object initialization vector (synthetic IV, or SIV) is derived from the object contents and a secret that is also stored in the vault.

  • This mode is recommended for data owned by a single user or a set of trusted users trusting each other, where key sharing is feasible

Encryption Formats

The following formats can be selected when creating a repository.

ID ObjectID Length Encryption
UNENCRYPTED_HMAC_SHA256 65
UNENCRYPTED_HMAC_SHA256_128 33
ENCRYPTED_HMAC_SHA256_AES256_SIV 33 AES-256

The default format is ENCRYPTED_HMAC_SHA256_AES256_SIV.

This section describes the algorithm used for generating block ID and encryption key for each encryption mode based on content of the data and in some cases secret and encryptionKey secured in the Vault:

  • UNENCRYPTED_HMAC_SHA256:

    • contents are not encrypted and stored in a block named:
        blockID := BASE16(HMACSHA256(secret,content)
    • per-repository secret is stored in the Vault

  • UNENCRYPTED_HMAC_SHA256_128:

    • contents are not encrypted and stored in a block named:
        blockID := BASE16(TRUNCATE(HMACSHA256(secret,content),16)
    • per-repository secret is stored in the Vault
    • this mode produces shorter object identifiers (128-bit instead of 256-bit), which are somewhat easier to work with in interactive sessions

  • ENCRYPTED_HMAC_SHA256_AES256_SIV:

    • block contents are encrypted with AES-256 in CTR mode with synthetic IV derived from the content:
        iv := TRUNCATE(HMACSHA256(secret,content),16)
    cipherText := AES256CTR(encryptionKey,iv,content)
    blockID := BASE16(iv)
    • per-repository encryptionKey and secret are stored in the Vault