Filippo Valsorda reviews restic encryption/security


#1

In his blog, as part of looking for a new storage and backup solution, Filippo Valsorda takes a look at the encryption and general security of restic.

While you might have already guessed the outcome of his research, the article is still an interesting read and available at: https://blog.filippo.io/restic-cryptography/

Please note that this is not an official audit or formal review of restic, as explained in the article. Nonetheless, thanks to Filippo for taking a closer look at and writing about restic!


#2

And the matching discussion on HN: https://news.ycombinator.com/item?id=15131310


#3

The conclusion from the blog post:

The design might not be perfect, but it’s good. Encryption is a first-class feature, the implementation looks sane and I guess the deduplication trade-off is worth it.

So… I’m going to use restic for my personal backups.

Nice job @fd0