From: Christopher Kunz
Subject: Re: [Duplicity-talk] Different session key for each backup volume?
Date: Fri, 24 Jun 2011 15:23:53 +0200
User-agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; de; rv:1.9.2.18) Gecko/20110616 Lightning/1.0b2 Thunderbird/3.1.11
On 24.06.2011 14:48, Chris Poole wrote:
Each volume is piped through GPG separately, so I'd presume there's a different session key each time. As such, my assumption is that Duplicity assembles a plaintext volume, which is then run through GPG before being uploaded somewhere. Then it grabs more plaintext data, packs it into a volume of a certain size again, and runs GPG again. As such, each volume will have a different 'session key' generated. My question really pertains to how Duplicity, or perhaps how the GPG library that it uses, works. I assume it doesn't start up GPG, generate a session key once, then somehow keep that session going such that each volume uses the same random key for all the symmetric encryption.
The question though (still): How would someone gain access to the session key? I can't see a scenario. That key is only available in memory on the client machine during archive creation. And of course in encrypted form in the volume, but to decrypt it you need the privkey.
Regards,
--ck

--
Filoo GmbH
Christopher Kunz, Managing Director
Web: http://www.filoo.de/
E-Mail: address@hidden
Tel.: (+49) 0 52 48 / 1 89 84 -11
Fax: (+49) 0 52 48 / 1 89 84 -20
Please sign & encrypt mail wherever possible, my key: C882 8ED1 7DD1 9011 C088 EA50 5CFA 2EEB 397A CAC1
Moltkestraße 25a
33330 Gütersloh, Germany
HRB4355, AG Gütersloh
Managing Directors: S.Grewing, J.Rehpöhler, C.Kunz
Follow us on Twitter: http://twitter.com/filoogmbh
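
The point discussed in this message can be checked directly. The following is an added example, not part of the original message and not Duplicity's code: it encrypts the same plaintext twice with one gpg process per run and compares the session keys, which gpg reveals only to the holder of the private key. It assumes GnuPG 2.1 or later is installed; the user ID, payload and function names are constructed for the test.

```shell
#!/usr/bin/env bash
# Added example: does each separate gpg run get its own session key?
# Works in a throwaway keyring; user ID and payload are constructed test values.

volume_session_keys() {
    # Prints the session key of two volumes made from identical plaintext,
    # one key per line.
    local home uid n rc
    home=$(mktemp -d) || return 1
    chmod 700 "$home"
    uid='volume-test@example.invalid'
    (
        export GNUPGHOME="$home" LC_ALL=C
        # Unprotected test key pair that never leaves the temporary directory.
        gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
            --quick-generate-key "$uid" default default never \
            >/dev/null 2>&1 || exit 1
        printf 'constructed volume payload\n' > "$home/plain"
        for n in 1 2; do
            # One gpg process per volume, as the thread describes.
            gpg --batch --quiet --trust-model always -r "$uid" \
                -o "$home/vol$n.gpg" -e "$home/plain" || exit 1
            # --show-session-key must unwrap the key with the private key,
            # so it only works for someone who can already decrypt.
            gpg --batch --show-session-key -d "$home/vol$n.gpg" 2>&1 >/dev/null |
                sed -n "s/.*session key: .\(.*\)'.*/\1/p"
        done
        gpgconf --kill gpg-agent >/dev/null 2>&1 || true
    )
    rc=$?
    rm -rf "$home"
    return "$rc"
}

session_keys_differ() {
    # Succeeds when both volumes yielded a session key and the two differ.
    local keys k1 k2
    keys=$(volume_session_keys) || return 2
    k1=$(printf '%s\n' "$keys" | sed -n 1p)
    k2=$(printf '%s\n' "$keys" | sed -n 2p)
    [ -n "$k1" ] && [ -n "$k2" ] && [ "$k1" != "$k2" ]
}
```

Run `session_keys_differ && echo "different session key per volume"` after sourcing the script; `volume_session_keys` prints the two values for inspection.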