Namaste misc, What tool(s) would you recommend to encrypt and sign a file - correctly - for backup?
I possess a limited ability to read code, and I am certainly not a cryptographer. In my limited understanding, to securely backup and restore a file, the steps are: To backup: Step 1 - encrypt the file using a tool Step 2 - sign the encrypted file using a tool Step 3 - backup the signature and the encrypted file To restore: Step 1 - verify the encrypted backup with its signature If Step 1 exits with success, Step 2 - decrypt backup to file If Step 2 exits with success, Step 3 - use file to restore For the tools to encrypt and sign, I think I may use the following: For encryption: encpipe encpipe (https://github.com/jedisct1/encpipe) is ISC licenced, written in C by Monsieur Denis and seems simple. If there is one thing that I know - and I admit I don't know much - all things being equal, simple beats complex. However, I do not understand the math underlying the tool or whether all things are indeed equal - possible attack vectors, mitigations et al. And hence, my request. For signature: signify I think signify may suffice for signature. For other platforms, minisign (https://github.com/jedisct1/minisign) is compatible with signify. Dhanyavaad, ab ---------|---------|---------|---------|---------|---------|---------|--