I would want to sometimes check the integrity of my files stored on configured backends by downloading the files (block by block) once and in the same time authenticating them. With the poly1305 authenticator rclone adds when using crypto backend. Using a normal check is inefficient, because files needs to either exist locally or be downloaded twice. cryptcheck won't work either because it also needs a local copy
rclone cat remote:file.ext > /dev/null
1 Like
Assuming I understand your question correctly (may not be a good assumption), the encryption used by rclone is not authenticated. Without someone to compare it to, you can't verify the file is correct.
If I am mistaken, please let me know!
Rclone encryption does use an authenticator as docemented at
In this page can search "integrity". Here are the most important quotes Hashes are not stored for crypt. However the data integrity is protected by an extremely strong crypto authenticator. and File content encryption is performed using NaCl SecretBox, based on XSalsa20 cipher and Poly1305 for integrity. Poly1305 is what makes the encrypted files about 0,05% larger than unencrypted
TL/DR: You're right. I take it back. There is some nuance but it's likely academic.
I will be the first to tell you that I am out of my depth here. So please take this with a grain of salt.
You are correct. Each 64k chunk is authenticated as per the docs for both rclone and secretbox.
For your purposes of verification of the file, I concur with @asdffdsa's solution and retract my comment. This does seem to be your purpose.
What this method lacks, and may not matter for practical purposes, is the integrity of the whole file. If whole chunks are modified or added, it would not error. Of course, this means that the attacker has your key (or password(s)) so it is moot.