m7a
commented
1 year ago I worked on creating a custom restoration program for Bupstash v0.10.3 with the specific goal of understanding its data format better. As a result, I wrote down something about Bupstash's Cryptosystem in the restore program's documentation https://masysma.net/32/maxbupst.xhtml. Maybe it helps with understanding Bupstash's crypto?
I wasn't able to find a clear description of the cryptography used in bupstash. There is this technical overview page, but I wasn't able to find this page linked from the web docs - and it's also pretty vague and generalized. There's a bit of information scattered here and elsewhere, but I think for such a high priority part of any backup solution, having clear documentation is important.
Compare e.g.
Borg: https://borgbackup.readthedocs.io/en/stable/internals/security.html Restic: https://restic.readthedocs.io/en/stable/100_references.html
This seems like it would be a step towards getting the cryptography reviewed by an expert.
Thanks!