Contents 1 Rsyncrypto - Rsync Friendly File Encryption 2 Latest News 2.1 Site has moved 2.2 Spam Anti Measures Announcement 2.3 Slashdot Comment Discussion 2.4 Latest Version - 1.12 3 Why is Rsyncrypto 4 What is Rsyncrypto 5 Awards 6 Tutorials 7 More Resources

Rsyncrypto - Rsync Friendly File Encryption

Latest News

Site has moved

March 31^st 2012

The site has moved to a new host. To reduce the upgrade costs, the content has been copied without the editing history. My apologies.

-- Shachar

Spam Anti Measures Announcement

December 1^st 2008

It is with heavy heart that I need to announce that from now on it will no longer be possible to edit the wiki unless you create an account and log in. It is still possible for everyone to do so, but the wiki will no longer allow anonymous edits. At this point it is not necessary to confirm your email address in order to create an account, but should the spammers become "smarter", we will do that as well. I'm sorry about this, but I don't have the time to baby-sit the wiki from automated vandalism. Anyone with a better solution is welcome to email the rsyncrypto mailing list.

-- Shachar

Slashdot Comment Discussion

August 18^th 2008

An article at slashdot raised the question of secure backup to remote server. Some of the comments suggested rsyncrypto, and some of the commenters raised some very good questions regarding the security of the algorithm and the implementation. The questions, as well as Shachar, the rsyncrypto developer, answers, may be considered an interesting read.

• Slashdot article
• Question about the effect of constant IV resets on patterns developing in the cipher text
• Worries about the decision function used

Latest Version - 1.12

July 23^rd 2008

New to this version:

• Use safer method to create new files
• On Windows - better error reporting

You can get it from the SourceForge.net download page

Why is Rsyncrypto

Sometimes it is necessary to store files on a remote server. This is typically needed for backup purposes. When that is done, there are two concerns that need to be addressed:

1. How to keep the privacy of the files stored?
2. How to keep bandwidth usage to a minimum?

Both problems have rather simple solutions:

1. Encrypt the files prior to sending them. Keep the key locally.
2. Use rsync to only transfer the changes.

There is just one problem - the two solutions contradict. Plain mode encryption of files hide the specific changes to the file, making rsync useless at detecting in-file changes. This is where rsyncrypto comes to the rescue.

What is Rsyncrypto

Rsyncrypto is a modified encryption scheme. It is based on industry standard AES for symmetric encryption, as well as RSA for having different keys for each file while allowing a single key to decrypt all files. It even uses an encryption mode that is based on CBC.

Rsyncrypto does, however, do one thing differently. It changes the encryption schema from plain CBC to a slightly modified version. This modification ensures that two almost identical files, such as the same file before an after a change, when encrypted using rsyncrypto and the same key, will produce almost identical encrypted files. This means that both objectives can be achieved simultaneously.

Awards

Rsyncrypto has won first prize in the free software trophy competition (Trophées du Libre) in the security category.

Tutorials

There are some tutorials on line, which might help you with your experience with rsyncrypto:

• Efficient rsyncrypto hides remote sync data
• http://blog.wuxinan.net/archives/86

More Resources

• Plans for future versions
• Details about the rsyncrypto algorithm