Password storage security

[Ramon88]

Does anybody know how secure Retrospect stores its passwords needed for scripted access to encrypted (in my case AES-128) Backup Sets.

 

I need this information for external auditor security analyses.

[Mayoff]

The passwords are all stored in an encrypted format. The password is part of the media set. Retrospect backup sets AES encryption is US government certified.

[Ramon88]

Thanks Robin.

 

I have no doubt AES-128 and 256 are safe enough for our auditor. However the weakest link is the password itself, not the encryption cypher.

 

When Retrospect stores a password for scripted access, I presume it will store it on the local system and not in the Backup Set. When you say "The password is part of the media set." it seems to suggest the password is stored with the Backup Set? Wouldn't that be very insecure?

 

Can you tell me anything about how strong the encryption for the password storage is? And I don't mean the backup data encryption (AES) itself.

[Ramon88]

Robin, I seriously need this information in order to keep our auditor happy. So prettypleasewithsugarontop...

[Mayoff]

Sorry for the long wait. I was checking with engineering to give you a good answer. How this stuff is handled is actually really complex and not easy for myself to explain.

 

Basically the password is not even saved on the media set or catalog. The password is used at the time the encryption is configured and the password is used to decrypt the data after a user enters it but it is not stored in a way that users could ever access. It is not stored in the media set or config files.

 

If a user has moved the data or catalog file to a different computer they must know the password to view contents.

 

If someone has physical access to the primary backup server, then that is a bigger security risk then anything else for sure.

[Ramon88]

I think this will do for the auditor. Thanks for your trouble.