Librem 5 Backup and Restore – Purism

To provide a bit more background (not sure of your level of expertise) -

A human being makes up a somewhat memorable encryption password, hopefully not too easily guessable, and typically comprising printable characters only e.g. “myLibrem5Backup” :slight_smile:

A “key derivation function” (KDF) converts the encryption password into an X-bit key (whatever length key is actually required by the encryption algorithm being used).

Human beings aren’t very good at making up random passwords (not uniformly distributed and not much entropy). It may be viable for an attacker to iterate through all passwords that a human would actually choose and maybe quickly eliminate that key by decrypting the first encryption block. That will take far far less time than simply iterating over all X-bit keys. (Even though the vast majority of X-bit keys can never arise from the KDF algorithm, due to lack of entropy in the original password, the attacker has no way of telling which X-bit keys can arise and which cannot.)

A KDF is designed to be hard on the CPU - take a non-trivial amount of time on a current CPU but not so much time that the user experience sucks or even that network protocols time out waiting for keys to be derived - and ideally be difficult to implement in a GPU. The KDF has to mung the password hard but not too hard. To maintain strength over time a KDF typically has a parameter that is the number of iterations that are applied.

According to the internet, openssl uses as the default KDF something that is home brew (similar to PBKDF1) with an iteration count of 1.

Anything “home brew” should be considered at least a little bit suspect (but as this is open source it can be retrospectively reviewed by experts around the world, and no doubt has been).

PBKDF1 having been superseded by PBKDF2 should be considered suspect.

An iteration count of 1 is almost certainly woefully inadequate. (By way of comparison, when WiFi uses PBKDF2, it uses 4096 iterations.)

3 Likes

Hi,
I have no problem to make Backup on the memory card.
But, I’m not able to make backup on Network server…
How can I find a Network server?
I thought that I could on that Webo Cloud : https://nextcloud05.webo.cloud/login?user=pertinence@riseup.net&direct=1

But when I ask to the backup app to make a backup, he respond me :
« Traceback (innermost last):
File “/usr/bin/duplicity”, line 122, in
with_tempdir(main)
File “/usr/bin/duplicity”, line 108, in with_tempdir
fn()
File “/usr/lib/python3/dist-packages/duplicity/dup_main.py”, line 1522, in main
action = commandline.ProcessCommandLine(sys.argv[1:])
File “/usr/lib/python3/dist-packages/duplicity/commandline.py”, line 1187, in ProcessCommandLine
config.backend = backend.get_backend(args[0])
File “/usr/lib/python3/dist-packages/duplicity/backend.py”, line 223, in get_backend
obj = get_backend_object(url_string)
File “/usr/lib/python3/dist-packages/duplicity/backend.py”, line 209, in get_backend_object
return factory(pu)
File “/usr/lib/python3/dist-packages/duplicity/backends/giobackend.py”, line 96, in init
self.remote_file.make_directory_with_parents(None)
gi.repository.GLib.GError: g-io-error-quark: Operation not supported (15) »

Make backup on the memory card and then copy the resulting single file to the network?

The above kind of error is typical with file system abstractions. That is, the application thinks that it is interacting with a local real file system but in reality it is some kind of virtual file system that unfortunately does not support all of the operations that the local real file system does (in this case, perhaps, creating a directory).

Personally I wouldn’t use some random server on the internet as the target of my backup file anyway unless the backup has both confidentiality and integrity before it hits the network.

1 Like