Jump to content
Covecube Inc.
  • 0
chiamarc

Checking encryption key

Question

Hi Folks,

 

So, I've been uploading to a clouddrive for a couple months now and I wanted to make sure that I have the right encryption key printed out.  I also chose to store the key locally for convenience so I could auto-unlock on boot.  But here's the thing:  I had setup a cloud drive previously then had to destroy it (for irrelevant reasons).  Now I can't recall if the PDF I saved was for that previous drive or the current drive.  Since I have it saved locally, is it possible to compare the key to the one in the PDF?  Where is the key located?  If not, can I just print out the key somehow using the locally saved copy?  Otherwise, how can I check that I've got the right key in case of a disaster?

 

Thanks,

Marc

 

Share this post


Link to post
Share on other sites

14 answers to this question

Recommended Posts

  • 0

Unfortunately, there isn't really a good answer for that right now.  We don't have a "recovery "method for finding the key, even if the drives is set to auto-unlock.

 

Right now, the best option would be to detach the drive and reattach it and test the encryption key.

 

 

 

we do plan on adding better options for this in the future.  But for now ... there isn't a good way to do this.

 

 

 

And part of the reason for that is how the software is designed.  We do me "trust no one" when it comes to the encryption.  The more recovery options we add, the more likely that somebody may manage to break into the drive.  So it's a trade off.  But like I said, we do plan on making this easier, in the next big release. 

Share this post


Link to post
Share on other sites
  • 0

But it would seem that if it's already stored locally for unlock, you're implicitly trusting the user's machine at least.

 

So question:  if I detach the drive then reattach and test the key and it's incorrect, I won't be able to unlock the drive and all the bandwidth I just spent uploading will have been for naught?

Share this post


Link to post
Share on other sites
  • 0

I'd like to ask if Alex can add a little bit of priority on this because I have 2TB+ in the cloud right now and I've blown my two courtesy months with Comcast.  I'm covered with duplication locally but I'm a bit exposed on the cloud backup if something bad happens and that key is incorrect.

Share this post


Link to post
Share on other sites
  • 0

I think, it should be possible to identify the drive, which the key in the PDF belongs to, by comparing the creation date written into the key PDF file with the “CreatedTimeUtc†entry in the corresponding METADATA file on the cloud storage. These two timestamps should be very close (after having the PDF date converted to UTC time zone) with just a few seconds difference (because the key PDF is created a bit before the actual drive creation is launched).

 

Share this post


Link to post
Share on other sites
  • 0

I beleive this is already a high priority feature request. 

 

However, I'll mention this to alex directly. 


I think, it should be possible to identify the drive, which the key in the PDF belongs to, by comparing the creation date written into the key PDF file with the “CreatedTimeUtc” entry in the corresponding METADATA file on the cloud storage. These two timestamps should be very close (after having the PDF date converted to UTC time zone) with just a few seconds difference (because the key PDF is created a bit before the actual drive creation is launched).

 

Correct. 

Share this post


Link to post
Share on other sites
  • 0

"Created time" is also displayed in the Details... window accessible from the CD Technical Details window.  Right now I'm SOL because my PDF is showing a creation time of 27 days earlier :(

Share this post


Link to post
Share on other sites
  • 0

Guess what?  I found the key in my clipboard manager!  I was absolutely sure that I had the right key because of the date.  I detached my cloud drive then reattached it and it asked for the key.  Here's where things get sticky and please tell me if you've seen this before.  I entered the key and it did....nothing.  It went back to showing me the "this drive is encrypted" screen.  I looked at the Feedback log and one message says "Complete - Unlock drive Backups" but the other message still insists the drive needs to be unlocked.  Was this a silent failure?  I tried several more times with both keys that I had...same result.  Oh well I figured I just had the wrong key.  I stupidly (but reluctantly) destroyed the drive thinking I had no way in hell of getting it back.  Here's where I'm kicking myself:  I've set up another drive on the same provider, recorded the key, attached it and written a small amount of data to it.  Just to assure myself that I did something absolutely ridiculously stupid by destroying the drive, I detached the new drive then tried to attach it again with the key I just generated.  And... I'm getting the same damn result as I had with the previous drive.  I am not able to unlock it no matter what I do.  This is CD 1.0.2.950 Beta.

Share this post


Link to post
Share on other sites
  • 0

:o I recently updated CD on one of my PCs to 1.0.2.950 Beta too and a quick test reproduced that issue!

The same encrypted cloud drive cannot be attached on that machine with the right key, while it’s decrypted and attached without problems on another PC with CD 1.0.2.929 Beta.
 

Share this post


Link to post
Share on other sites
  • 0

Last night I took it upon myself to do a binary search for the first occurrence of this problem between betas 930 and 949.  I can confirm that, at least on my setup, the problem seems to start with 948 and continues to 950.  Viktor, can you check this?  Thanks.

Share this post


Link to post
Share on other sites
  • 0

Yeah, there was a change in how mounting occurs in 948, so likely, this broke something when unlocking and mounting the drive. 

 

Ive already flagged the issue for Alex, and hopefully, we'll get a fix out soon.

 

In the meanwhile, roll back to 947 until we have a fix.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...