What Does Encryption Actually Encrypt?

bryn.moslow_duplicac · 14 February 2022 20:32

If this is asked and answered, I apologize. I tried searching earlier today and just now and got “the system is under extreme load and search is disabled”.

I was setting up a new storage and went for a quick refresher on the init command. On this page I found something that has me worried about my existing backups:

The passage in question is:

The -e option controls whether or not encryption will be enabled for the storage. If encryption is enabled, you will be prompted to enter a storage password. The storage password is used to encrypt the config file only.

Does this mean that the chunks are NOT encrypted?

There is a forum post here that seems to suggest otherwise but has a ‘last updated’ date from before the wiki page:

gchen · 14 February 2022 20:57

The storage password is used to encrypt the config file only, not chunks. Chunks are encrypted by a secret key stored in the config file.

bryn.moslow_duplicac · 14 February 2022 21:13

Good news, thanks. I was worried I was looking at a long few days of rebuilding storage locations.

87aa841a6fec03dd1ad6 · 16 February 2022 14:33

If it’s only the config file why can’t we encrypt an existing unencrypted storage?

This post says the chunks themselves would be re-encrypted:

Is there something I’m missing?

gchen · 17 February 2022 00:16

All chunks in the storage is immutable. You can’t change them after they are uploaded to the storage.

87aa841a6fec03dd1ad6 · 17 February 2022 01:42

Right… but why would the chunks need to change to “encrypt” (i.e. add a password to) the storage if:

saspus · 17 February 2022 05:24

If the storage is not encrypted — data is in chunks is plaintext

If the storage is encrypted — data in chunks is encrypted with random password that is stored in the config file and protected with your “storage password”

Therefore, to add encryption — actual data in all chunks need to get replaced with encrypted version. Chunks are immutable, so this cannot be done.

But to change existing encryption password only config file needs to be decrypted with old password and encrypted with the new one. Chunks stay encrypted with the same encryption password from the config file.

At least that’s what I understand is going on here.

87aa841a6fec03dd1ad6 · 17 February 2022 19:41

That explanation makes sense, thanks. Unfortunately not “good news” for the OP.

Here’s the relevant section of my unencrypted storage’s config (redacted):

    "chunk-seed": "XXXXXXXXXXXXXX",
    "hash-key": "XXXXXXXXXXXXXX",
    "id-key": "XXXXXXXXXXXXXX",
    "chunk-key": "",
    "file-key": "",
    "rsa-public-key": ""

Can someone with encrypted storage confirm which fields they have populated?