Encrypted Read-Only Secret - Restore Data


bigbear

Recommended Posts

I am trying to figure out, how i could restore some of my data.

 

My setup:

 

I have two machines:

Machine A with D***** Key and the Read Only Encryption Key E**********

Machine B with only the shortened Read Only Encryption Key F****

 

The use of machine A is mainly work, machine B is for backup purposes only.

 

I understand that if machine A is fails, with the use of code D***** and a brandnew machine C, everything just starts downloading and decrypting.

 

So far so good.

 

But what if a file is accidentally deleted on A? Can the .syncArchive be accessed over the BitTorrentSync app somehow?

 

Even if one finds the encrypted file in machine B, how can it be decrypted? (The searching might be tough, though)

 

Thanks for any inputs.

Link to post
Share on other sites

But what if a file is accidentally deleted on A? Can the .syncArchive be accessed over the BitTorrentSync app somehow?

No. If something gets to .syncArchive on Encrypted-only (F..) peer, there is no way to restore it.

Link to post
Share on other sites

@RomanZ,

 

Thank you for your explanation.

So, if i have retrieved any encrypted file via FTP (or any other way) from the Encrypted-only (F..) peer and i have all the  Keys, i still cannot decrypt it?

 

Why does BTSync than even keep the encrypted files in .syncArchive?

 

If so, any virus / mistaken deletion is fatal. Also the use of the version history is not meant to be used with encrypted-only (F..) Peers.

 

My scenario would be kind of a "TimeMachine" backup of the (F..)peer folder onto another HDD. But if i only store undecryptable material....

Link to post
Share on other sites

@bigbear

 

So, if i have retrieved any encrypted file via FTP (or any other way) from the Encrypted-only (F..) peer and i have all the  Keys, i still cannot decrypt it?

That's right. To decrypt the file you need to get:
1) Encrypted file
2) D... or E... type of secret
3) Metadata from Encrypted Peer

When you transfer the file with some other means, you omit the metadata, while it is totally necessary to calculate decryption key.

 

Why does BTSync than even keep the encrypted files in .syncArchive?

SyncArchive can be used to restore data. When you move files around, sometimes the "move" event comes as "delete + create new file in new location". So Sync can use Archive to get file from there instead of re-syncing it.

 

If so, any virus / mistaken deletion is fatal. Also the use of the version history is not meant to be used with encrypted-only (F..) Peers.

My scenario would be kind of a "TimeMachine" backup of the (F..)peer folder onto another HDD. But if i only store undecryptable material....

Well, good point. I suggest noting it in Feature Requests forum to make sure that idea is not lost.

Link to post
Share on other sites

@RomanZ:

That's right. To decrypt the file you need to get:

1) Encrypted file
2) D... or E... type of secret
3) Metadata from Encrypted Peer

When you transfer the file with some other means, you omit the metadata, while it is totally necessary to calculate decryption key.

I think i read this somewhere before. Is there any way to store/backup the Metadata from the Encrypted Peer? Can you elaborate more, what the Metadata contains? Is this file specific or per Peer?

 

If i have all of this information, is there a decrypter available?

 

 

SyncArchive can be used to restore data. When you move files around, sometimes the "move" event comes as "delete + create new file in new location". So Sync can use Archive to get file from there instead of re-syncing it.

I understand, Thank you.

 

 

Well, good point. I suggest noting it in Feature Requests forum to make sure that idea is not lost.

I will. I have. http://forum.bittorrent.com/topic/31140-encrypted-read-only-secret-restore-deleted-data/

Link to post
Share on other sites

@bigbear

 

Well, you can simply pack / copy it. However, it should be done only together with files, as it is not safe to backup metadata separately from files.

 

what the Metadata contains? Is this file specific or per Peer?

It contains hash of the non-encrypted file, which is one of components of actual encryption key. So, it is file-specific.

 

In general, I understand your concerns. We'll review encrypted peers and see how it can be adjusted to be more convenient to use.

Link to post
Share on other sites
  • 4 weeks later...

I understand that if machine A is fails, with the use of code D***** and a brandnew machine C, everything just starts downloading and decrypting.

 

I was hoping it works that easily. But nothing is synchronized back.

 

Similar test scenario :

- source mac os : folder sync with D type key (RW)

- backup linux : folder sync with F type key (E-RO)

After sync is finished, tested (for renaming, deletion, update), I remove from BTSync GUI the original folder on source machine and try to reverse the process. So I add a new (empty) folder with the D type secret. As there is no .sync subfolder, nothing get deleted on the backup machine: good. But nothing is restored, and that is a problem.

 

I don't find a way to "force" BTSync to restore the data... :/

 

Help?

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.