Namaste misc,
What tool(s) would you recommend to encrypt and sign a file - correctly
- for backup?
I possess a limited ability to read code, and I am certainly not a
cryptographer.
In my limited understanding, to securely backup and restore a file, the
steps are:
To backup:
Step 1 - encrypt the file using a tool
Step 2 - sign the encrypted file using a tool
Step 3 - backup the signature and the encrypted file
To restore:
Step 1 - verify the encrypted backup with its signature
If Step 1 exits with success,
Step 2 - decrypt backup to file
If Step 2 exits with success,
Step 3 - use file to restore
For the tools to encrypt and sign, I think I may use the following:
For encryption: encpipe
encpipe (https://github.com/jedisct1/encpipe) is ISC licenced, written
in C by Monsieur Denis and seems simple. If there is one thing that I
know - and I admit I don't know much - all things being equal, simple
beats complex.
However, I do not understand the math underlying the tool or whether all
things are indeed equal - possible attack vectors, mitigations et al.
And hence, my request.
For signature: signify
I think signify may suffice for signature. For other platforms, minisign
(https://github.com/jedisct1/minisign) is compatible with signify.
Dhanyavaad,
ab
---------|---------|---------|---------|---------|---------|---------|--
No comments:
Post a Comment