0

I'd like to set up a remote backup for my PC. I want to have it run at scheduled times, encrypting the data locally and then transmitting it to the server. I'd like to use something popular and open source (like veracrypt), but most of those seem to be symmetric encryption. In order to perform the encryption, the system would have to have the key stored locally, or have the user type in a password every time.

One thought I had was to use asymmetric encrption. The scheduled service would use a local public key to encrypt the data, and then send that data, as well as a symmetrically encrypted private key, to the server. This way, the user would only have to enter the password when they wanted to decrypt the data, during a restore. The plaintext private key would never be stored.

Is this a reasonable approach? Are there any better/more secure ways of doing this?

edit: Having done a bit more research, it looks like this would actually likely have to be a symmetric key, encrypted with an asymmetric key, and then encrypted with a symmetric key again, since asymmetric keys can only encrypt data as long as the key (is this true?). This is annoying because it means that for the duration of the encryption process, the base symmetric encryption key will be available in the system.

BeB00
  • 101
  • 2
  • Product recommendations are off-topic. Searching for [encrypted remote backup public key](https://www.google.com/search?q=encrypted+remote+backup+public+key) leads to several solutions and products which seem to do what you want, for example Duplicity. – Steffen Ullrich Dec 09 '20 at 05:11
  • Removed the part asking for recommendations – BeB00 Dec 09 '20 at 05:35
  • Still, look at the actual search results and for example at Duplicity and you will see that they take the approach you are proposing. – Steffen Ullrich Dec 09 '20 at 05:45

0 Answers0