Security problem with frequently updating rclone crypt backend

I have a crypt backend on Gdrive (that we shall all regard as untrusted!). I mount it locally, and work inside the mounted directory.

Directory contains text files that I constantly edit and save. Each time a file is saved, my understanding is that the whole file (or maybe a block in it), has to be re-encrypted with Xsalsa20-poly1305 and new randomness.

  • Is there a security problem with large number of updates, with a crypt remote and an untrusted remote server that snapshots data?

  • Rclone has to choose a new random key and nonce. Wouldn’t increased chances of nonce reuse be a problem?

  • Wouldn’t depletion of the host system from entropy be a problem?

  • Are there known attacks if attacker sees changes in ciphertext continuously in time?

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.