Timeline for Managing keys for encrypted system backups and recovery
Current License: CC BY-SA 4.0
10 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Nov 21 at 23:01 | history | bumped | CommunityBot | This question has answers that may be good or bad; the system has marked it active so that they can be reviewed. | |
| Oct 27 at 18:19 | comment | added | jrw32982 | Essentially, encrypt your backup with a key you can remember or can recover (e.g. stored on a piece of paper in a safe deposit box). | |
| Oct 22 at 22:35 | answer | added | tylerl | timeline score: 0 | |
| Oct 22 at 7:50 | comment | added | Ja1024 | The better you understand your own requirements, the easier it will be to look or ask for suitable solutions. | |
| Oct 22 at 7:49 | comment | added | Ja1024 | Even if you had a complete list of building blocks, that still wouldn't tell you what makes sense in your case. It's better to start with the requirements: How critical is it to protect the confidentiality of the data? Would a leak be a minor inconvenience or a catastrophe? Whom do you need to protect the data from? Just ordinary people who can be stopped with a simple locked drawer, or do you expect more motivated attackers? Can you reliably remember a strong passphrase, or do you want the recovery to work even if your memory fails? | |
| Oct 22 at 7:42 | review | Close votes | |||
| Nov 7 at 3:01 | |||||
| Oct 22 at 7:33 | comment | added | Sam Coutteau | I don't want to ask for "What is the best" or "What works in all cases", I'm more interested in the common building blocks for this sort of problem. There are a lot of algorithms in the space of encryption such as BIP39, Secret sharing, ... ; but I'm not familiar enough with the literature to know which techniques make sense in this context. Perhaps this is indeed a survey of what is commonly used, but due to a lack of alternatives I'm asking the question here. Any pointers to better suited forums are always welcome | |
| Oct 22 at 7:22 | comment | added | Ja1024 | Surveys and opinion-based questions don't really work on this site. There are many different options for different requirements. Keys can be printed out or stored in digital form. They can be kept as plaintext or wrapped with another key or passphrase (in which case you must remember the passphrase). They can be physically protected in a safe, a bank vault or some other secure location. They can be split or stored as a single piece of data. And so on. We cannot tell you what is right in your case, nor is the solution somebody else uses automatically useful for you. | |
| S Oct 22 at 6:29 | review | First questions | |||
| Oct 23 at 12:12 | |||||
| S Oct 22 at 6:29 | history | asked | Sam Coutteau | CC BY-SA 4.0 |