
Encrypted files are not self-contained

Open C0rby opened this issue 5 years ago • 11 comments

Not all information that are relevant for verifying the integrity of the encrypted file blocks are stored within the files. The file versions are stored in the database instead. Due to this you have to backup the database in addition to the encrypted files and the key material to be able to properly decrypt the files again. This design decision can also lead to a loss of integrity when a database restore is required as the file versions within the database may not match the files on disk anymore.

C0rby avatar Aug 17 '20 16:08 C0rby

Do you have an idea for a solution?

mmattel avatar Dec 04 '20 08:12 mmattel

One option is to add the file version to the encrypted file header.

C0rby avatar Dec 04 '20 13:12 C0rby

Adding @micbar, maybe this is of interest

mmattel avatar Dec 04 '20 14:12 mmattel

@karakayasemi you have gained a lot of experience, maybe you have an idea 😃

mmattel avatar Feb 12 '21 08:02 mmattel

@mmattel as @C0rby said, we can add this information to the header. But again, we need to think about a solution for the old files.

We can first try to read the file version from the header; if we do not find it there, we can check the database.

karakayasemi avatar Feb 16 '21 14:02 karakayasemi
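
The header-first lookup with database fallback proposed above, as an added sketch that is not part of the original thread or the project's code. It assumes each block's signature is an HMAC over the file version, block position and ciphertext; the header layout, field names and function names are hypothetical, and encryption itself is left out (blocks are opaque bytes).

```python
import hashlib
import hmac

def sign_block(key: bytes, block: bytes, version: int, position: int) -> bytes:
    """HMAC over fixed-width version and position, then the ciphertext block."""
    msg = version.to_bytes(8, "big") + position.to_bytes(8, "big") + block
    return hmac.new(key, msg, hashlib.sha256).digest()

def write_file(key: bytes, blocks: list, version: int, version_in_header: bool) -> dict:
    """Build a file record; legacy files carry no version field in the header."""
    fields = ["cipher", "AES-256-CTR"]
    if version_in_header:
        fields += ["version", str(version)]
    header = ":".join(["HBEGIN", *fields, "HEND"])  # hypothetical layout
    signed = [(b, sign_block(key, b, version, i)) for i, b in enumerate(blocks)]
    return {"header": header, "blocks": signed}

def parse_header(header: str) -> dict:
    """Split the key:value pairs between the start and end markers."""
    parts = header.split(":")
    if len(parts) < 2 or parts[0] != "HBEGIN" or parts[-1] != "HEND" or len(parts) % 2:
        raise ValueError("malformed header")
    body = parts[1:-1]
    return dict(zip(body[0::2], body[1::2]))

def resolve_version(file: dict, db_version):
    """Prefer the header's version; fall back to the database for old files."""
    value = parse_header(file["header"]).get("version")
    if value is not None:
        return int(value)
    if db_version is None:
        raise LookupError("no version in header or database")
    return db_version

def verify_file(key: bytes, file: dict, db_version=None) -> bool:
    """Check every block signature against the resolved file version."""
    version = resolve_version(file, db_version)
    return all(
        hmac.compare_digest(sig, sign_block(key, block, version, i))
        for i, (block, sig) in enumerate(file["blocks"])
    )

# Constructed sample data: opaque "ciphertext" blocks and a dummy key.
KEY = b"\x01" * 32
BLOCKS = [b"ciphertext-0", b"ciphertext-1"]
NEW_FILE = write_file(KEY, BLOCKS, 3, version_in_header=True)
LEGACY_FILE = write_file(KEY, BLOCKS, 3, version_in_header=False)
```

In this model a legacy file verifies only while the database still holds the matching version, whereas a file with the version in its header verifies without the database; editing the header value alone makes verification fail because the version is an input to every block's HMAC.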

Good idea, could be combined with #224. When rewritten, add to header, remove from db...

mmattel avatar Feb 16 '21 15:02 mmattel

> @mmattel as @C0rby said, we can add this information to the header. But again, we need to think about a solution for the old files.
>
> We can first try to read the file version from the header; if we do not find it there, we can check the database.

I think this is the way to go.

> When rewritten, add to header, remove from db...

The backend still needs the version field in the DB IIRC.

C0rby avatar Feb 16 '21 15:02 C0rby

> Good idea, could be combined with #224. When rewritten, add to header, remove from db...

We cannot combine with #224. It needs a complete rewrite of the file with binary encoding.

karakayasemi avatar Feb 16 '21 15:02 karakayasemi

@karakayasemi any news on that?

mmattel avatar Mar 05 '21 07:03 mmattel

I regularly ping that issue... 😅

mmattel avatar Mar 15 '21 12:03 mmattel

> Not all information that are relevant for verifying the integrity of the encrypted file blocks are stored within the files. The file versions are stored in the database instead. Due to this you have to backup the database in addition to the encrypted files and the key material to be able to properly decrypt the files again. This design decision can also lead to a loss of integrity when a database restore is required as the file versions within the database may not match the files on disk anymore.

I'm flattered by this verbatim quote of my paper. The whole text and additional improvements can be found in the whole document: https://eprint.iacr.org/2020/1439

weizenspreu avatar Jul 19 '23 18:07 weizenspreu