Rsyncrypto
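Translation of the official site
Only the translated text below is released under Creative Commons Attribution-Share Alike 3.0 Unported.
About Rsyncrypto
Sometimes you end up having to store files on a remote server, for example to back them up. Once you store them on a remote server, you have to pay attention to two things:
- How do you hide the existence of the files stored remotely?
- How can you reduce the bandwidth used when transferring the files?
There are the following solutions to these problems.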
- Encrypt the files prior to sending them. Keep the key locally.
- Use rsync to only transfer the changes.
There is just one problem: the two solutions contradict each other. Plain-mode encryption of a file hides the specific changes to the file, making rsync useless at detecting in-file changes. This is where rsyncrypto comes to the rescue.
What is Rsyncrypto
Rsyncrypto is a modified encryption scheme. It is based on industry-standard AES for symmetric encryption, and on RSA, which lets each file have a different key while still allowing a single key to decrypt all files. It even uses an encryption mode that is based on CBC.
Rsyncrypto does, however, do one thing differently. It changes the encryption scheme from plain CBC to a slightly modified version. This modification ensures that two almost identical files, such as the same file before and after a change, when encrypted using rsyncrypto and the same key, will produce almost identical encrypted files. This means that both objectives can be achieved simultaneously.
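To make the difference concrete, here is an added sketch (not code from rsyncrypto or from the original page). The page does not say what the modification is; the sketch assumes the chain is restarted from the IV whenever a trigger computed over the plaintext fires, and the trigger rule, `MOD`, the keyed-hash stand-in for AES and the sample data are all illustrative assumptions.

```python
import hashlib

BLOCK = 16   # cipher block size in bytes
MOD = 64     # assumed trigger: restart when a block's byte sum is 0 mod MOD

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    # Stand-in for AES so the sketch needs only the standard library.
    # It is a keyed hash, not a cipher: it cannot be decrypted.
    return hashlib.sha256(key + block).digest()[:BLOCK]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, iv: bytes, data: bytes, reset_on_trigger: bool):
    """CBC-style chaining; optionally restart the chain from the IV
    whenever the plaintext block just processed fires the trigger."""
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        block = data[i:i + BLOCK]
        prev = toy_encrypt_block(key, xor(block, prev))
        out.append(prev)
        if reset_on_trigger and sum(block) % MOD == 0:
            prev = iv  # later blocks no longer depend on earlier ciphertext
    return out

def changed_blocks(old, new):
    # Indices of ciphertext blocks that differ between two encryptions.
    return [i for i, (a, b) in enumerate(zip(old, new)) if a != b]

def demo():
    key, iv = b"k" * 16, b"\x00" * 16           # constructed values
    # Constructed file: block i is 16 copies of byte i, so the trigger
    # fires exactly on blocks 0, 4, 8 and 12 (16*i % 64 == 0).
    old = b"".join(bytes([i]) * BLOCK for i in range(16))
    edited = bytearray(old)
    edited[5 * BLOCK + 3] ^= 1                  # one-byte edit inside block 5
    new = bytes(edited)
    plain = changed_blocks(encrypt(key, iv, old, False),
                           encrypt(key, iv, new, False))
    rsyncable = changed_blocks(encrypt(key, iv, old, True),
                               encrypt(key, iv, new, True))
    return plain, rsyncable

if __name__ == "__main__":
    plain, rsyncable = demo()
    print("plain CBC, changed ciphertext blocks:", plain)
    print("with IV restart, changed ciphertext blocks:", rsyncable)
```

With plain chaining every ciphertext block from the edit to the end of the file changes, while with the restart the change stops at the first trigger after the edit, which is what lets rsync match the rest. The trade-off is that anyone comparing two encrypted versions learns roughly where the file changed.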
Awards
Rsyncrypto has won first prize in the free software trophy competition (Trophées du Libre) in the security category.
Tutorials
There are some tutorials online, which might help you with your experience with rsyncrypto: