Re: [Duplicity-talk] Different session key for each backup volume?

[Martin Pool]

On 23 June 2011 07:31, Christopher Kunz <address@hidden> wrote:
> Am 23.06.11 11:14, schrieb Chris Poole:
>> Does gpg use a different session key for each volume as Duplicity produces 
>> them?
>>
>> i.e., if an attacker somehow learns the session key for one backup
>> volume, only that volume is compromised?
>>
>>
>> Thanks!
> No. AFAIK, GPG is strictly asymmetric and does not use session keying at
> all (because it is not aware of the concept of sessions).

Well, gpg has a --symmetric mode, and I think duplicity even uses it
in this mode by default, unless you specify a --encryption-key.  Some
symmetric encryption programs actually generate a longer intermediate
session key, use that for the bulk data, then store it encrypted by
the user passphrase.  I'm not sure if GPG does this or not.

In asymmetric mode, gpg does generate a session key, and there will be
a different one for each encrypted file (ie each volume of the
backup).  See <http://www.gnupg.org/gph/en/manual.html>

Asymmetric mode probably makes it harder for an attacker to decrypt
your data, because they have to get your key file, not just guess your
passphrase.  However, it also perhaps increases the risk that _you_
will not be able to get your data back if you lose every copy of your
key.

> However, how would an attacker learn the key for a backup volume?
> Encryption is done on the client and no key ever passes over the network.
>
> If your client is compromised, so is your backup.

This is true.  I don't see the relevance of session keys to backup
security.  Maybe Chris Poole can clarify his question.
Martin