Re: [Bacula-users] Encryption and hardware compression

Cedric Tefft wrote:
> Markus Falb wrote:
>> Eric Böse-Wolf wrote:
>>
>>  
>>> Vladimir Doisan <vdoisan AT giantmarkets DOT com> writes:
>>>
>>>    
>>>> If you turn TLS and file encryption - the data will be double 
>>>> encrypted
>>>>       
>>> If I only turn on file encryption, then the data goes encrypted over 
>>> the
>>> wire or the air, but what is not encrypted?
>>>
>>> For example what's with the connection cookie the director presents the
>>> [FS]D (don't know exactly)?
>>>     
>>
>> Same Question here! In other words: If i do Data Encryption, is it 
>> safe to avoid the double encryption by disabling TLS for File Daemon 
>> to Storage Daemon Network Communication ?
>>
>>   
> As I understand it, "data encryption" (as the manual uses the term) 
> means the FD encrypts the CONTENTS of every file before it's sent to 
> the SD.  The SD then stores each file to the backup media as-is (in 
> its encrypted form).  No decryption (or encryption for that matter) is 
> done by the SD.  File metadata (filename, path, size, permissions, 
> etc.) are not encrypted, nor are any other aspects of the 
> communication between the FD and SD (commands, negotiation, etc.).
>
> "TLS encryption" refers to encryption of the communication channel 
> between the various daemons -- in this case, we're concerned with the 
> communication channel between the SD and FD.  With "TLS encryption"  
> the FD encrypts everything it sends to the SD (file contents, 
> metadata, commands, etc.) , but unlike "data encryption" the SD 
> decrypts everything at the other end.  If you are not also using "data 
> encryption" your files get written to the backup media UNencrypted.
>
> So the answer to your question depends on which pieces of your backup 
> scheme you consider to be insecure.  If you're worried about someone 
> getting hold of your backup media, you need "data encryption".  If 
> you're worried about someone eavesdropping on communications between 
> the FD and SD, you need "TLS encryption".  And obviously, if you're 
> worried about both, you need both.
>
Actually, now that I re-read it, I realize that last bit was a little 
misleading, so I'll try to clarify:

If you're using "data encryption" ONLY (i.e. not in conjunction with TLS 
encryption), anyone who can eavesdrop on the communication between your 
SD and FD will NOT have access to the unencrypted contents of your 
files.  However, he WILL have access to the names of those files as well 
as size, permissions, timestamp, etc.  If that doesn't concern you, 
"data encryption" alone might be what you want, although I'd recommend 
you think very carefully before going that route.  A sophisticated 
hacker could potentially use the unencrypted metadata as the basis of an 
attack.

- Cedric

------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users