Vadim Encrypted Backup

May 25. 2008, Øyvind Hansen

The goal of VEB is to allow backups to be stored off site, but still provide both confidentiality and integrity of the data. The protocol which the data is encrypted and signed by is easy to understand and implement. Thereby one could easily port this to a variety of platforms. The initial project is implemented using rsync and Python, on OSX and Solaris 10, Linux and other UNIXes should be no problem.

History behind

The reason why I had the need for a solution like this is simple. I got a digital SLR camera, and have taken a lot of photos, and photos, as we all know can part of history by the click of a key or the crash of a disk. Or even worse, theft or fire.

What I needed was a cheap and secure solution. I could easily have used only rsync and an account on one of my friends computers, I trust my friends, but I do not trust their equipment. I do not want to make them liable for potential data theft or other misuse that might happen to my data on their computers.

If I could encrypt my data easily before sending it to the backup host that would probably solve my problem. And I could add signatures to provide integrity of my data.

Roadmap

I will release a version of this solution within July 2008. It is still in a very early planning phase, and I will have to get some reviews of the solution before releasing it.

Update August 26: August is almost over, and no release yet, but I guess within a month or so, we will be able to release a alpha version. As we got real work and children, our spare time is not sufficient for quick releases...

In the current version I'm using Python 2.5 and Python Cryptography Toolkit (pycrypto). rsync is managed by shell scripts, but I aim to include rsync control into Python code. All connections run under SSH.