I’m asking this because I’m not entirely sure if it makes sense to do all that. Encrypting files offers more privacy, but then you have to think about managing the keys (and nonces or IVs) and make sure you don’t lose them. Would XChaCha20-Poly1305 be ample for this purpose? Compression also makes sense to make the most of your storage space; from what I’ve heard, ZSTD should be a pretty good contender. I was thinking about using PAR2 too, but there is no crate for it; I’d have to settle for launching a CLI with arguments, make my own crate for it or try another language, or look for another solution to error correction.
Although, is it even worth the time (and effort) to reinvent the wheel? Would PAR2 even be the best choice? And if you were to use encryption and/or compression with PAR2, would you apply PAR2 last? I’m thinking you would, despite ChatGPT saying otherwise. I’d just like to hear some opinions on all this. Before I forget, I should mention I don’t have (much) money to spend.
Deduplicate, compress, encrypt and snapshot. Encryption is a must. You don’t want to send your data out there in the wild, where it might potentially be published on a dark net website. It might go everywhere, who knows.
I don’t use cloud storage for backups, but any data I don’t want to change (pictures, music, etc.) on my NAS has par2 automatically created for them on the primary storage device. After that, both the original file and par2 files get backed up.
I have some thoughts on this.
Would XChaCha20-Poly1305 be ample for this purpose?
Yes. But there’s a saying “Don’t roll your own crypto” that applies here. Cryptography is very much something that should only be done by people who know what they’re doing. Even the pros screw it up from time to time. I’d encourage you to write your own encryption program for educational purposes, but not to rely on it for real security until you get a lot of crypto experience under your belt.
A lot of people here will recommend rclone. This is a good recommendation, but rclone’s crypt remote has a few limitations that you should know about:
- It does not obfuscate file sizes or the directory structure and file tree. This could allow an attacker who has access to the ciphertext to identify known collections of files. Don’t count on rclone’s encryption to help you deny being in possession of a pirated copy of The Simpsons, for instance.
- It does not protect your files from a malicious cloud provider that wants to truncate or rearrange your files without being detected.
Rclone is still fine for encrypting photos that you took yourself, documents, etc. It’ll keep your private data from being sold on the dark web if your cloud account is hacked and dumped.
I was thinking about using PAR2
PAR2 saved me once when I had important files on a failing hard drive. It probably won’t help you much with cloud stuff though since most competent cloud providers have their own error correction. If you do use PAR2, apply it to the ciphertext, not the plaintext. If you get bit rot, you’ll need to repair the ciphertext to be able to decrypt it if it was encrypted with authenticated encryption.
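The ordering point from the reply above (recovery data over the ciphertext, repair first, then authenticate), as an added example that is not part of the thread. HMAC-SHA256 stands in for the Poly1305 tag and one XOR parity block with per-block SHA-256 digests stands in for PAR2's Reed-Solomon recovery data; all names and sample bytes are constructed.

```python
import hashlib
import hmac

BLOCK = 16  # parity block size in bytes (constructed; real PAR2 blocks are much larger)

def seal(key: bytes, ciphertext: bytes) -> bytes:
    """Append an HMAC-SHA256 tag, standing in for the AEAD tag."""
    return ciphertext + hmac.new(key, ciphertext, hashlib.sha256).digest()

def authentic(key: bytes, blob: bytes) -> bool:
    """Constant-time tag check; decryption must not proceed if this fails."""
    body, tag = blob[:-32], blob[-32:]
    return hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest())

def blocks(blob: bytes) -> list:
    padded = blob + b"\0" * (-len(blob) % BLOCK)
    return [padded[i:i + BLOCK] for i in range(0, len(padded), BLOCK)]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def make_recovery(blob: bytes) -> dict:
    """Per-block digests locate damage; one XOR parity block repairs it."""
    parity = bytes(BLOCK)
    for blk in blocks(blob):
        parity = xor(parity, blk)
    digests = [hashlib.sha256(b).digest() for b in blocks(blob)]
    return {"len": len(blob), "parity": parity, "digests": digests}

def repair(blob: bytes, rec: dict) -> bytes:
    """Rebuild at most one damaged block from the parity and the intact blocks."""
    blks = blocks(blob)
    bad = [i for i, b in enumerate(blks)
           if hashlib.sha256(b).digest() != rec["digests"][i]]
    if len(bad) > 1:
        raise ValueError("more damage than one parity block can repair")
    if bad:
        fixed = rec["parity"]
        for i, b in enumerate(blks):
            if i != bad[0]:
                fixed = xor(fixed, b)
        blks[bad[0]] = fixed
    return b"".join(blks)[:rec["len"]]

# Constructed stand-ins: a MAC key and opaque bytes playing the ciphertext.
KEY = hashlib.sha256(b"constructed demo key").digest()
STORED = seal(KEY, hashlib.sha512(b"constructed ciphertext").digest() * 3)
RECOVERY = make_recovery(STORED)                  # computed over ciphertext + tag
ROTTED = STORED[:40] + bytes([STORED[40] ^ 0x01]) + STORED[41:]  # one flipped bit
REPAIRED = repair(ROTTED, RECOVERY)
```

A single flipped bit makes `authentic(KEY, ROTTED)` false, so nothing can be decrypted until `repair` has restored the stored bytes; recovery data computed over the plaintext would be unreachable at that point.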