Cloud drive is a best and simple way to protect the data from loss (second copy).
VeraCrypt (as TrueCrypt fork) is a good tool to protect the data from leake (encryption).
It is reasonable to use these technologies together. But this solution has several specifics:
- Encrypted container (VeraCrypt volume) is a single file that can be large. How its changes will upload to the cloud?
- Encrypted container does not change the size. How cloud tools notice a file change?
- How many data VeraCrypt changes during on-the-fly encryption (OTFE)?
The first and main problem - by default VeraCrypt does not update "File Modified" date of the file. This leads to the fact that the file not uploaded to the cloud. This is demonstrated in the test №2. Neither Google Drive nor OneDrive updated the file in the cloud.
The solution is simple - disable "Preserve modification timestamp of file containers" option. Tests №3-6 prove that both solutions correctly update the container (after dismount). But the tests show a difference in their work - pay attention to the difference in "size of uploaded data" (measured using the NetBalancer tool).
The second problem - size of data that cloud tools upload to the cloud after each change (Mount - Dismount). It all depends on the tool's algorithms. In my cases OneDrive transfers significantly less data than Google Drive (tests №4-6).
Pay attention that even simple action like Mount - Dismount leads to changes on the binary side (due to encryption) and force update data in the cloud.
Tests
Conclusions
- Enable "Preserve modification timestamp of file containers" option in VeraCrypt to prevent .
- Any changes of container will change the source (due to encryption) it will lead to synchronization.
- Each cloud provider defines modified container blocks differently.
P.S. In all tests I used the following settings of the container:
- Standard VeraCrypt volume
- Never Save History
- Encryption Algorithm: AES
- Hash Algorithm: SHA-512
- FileSystem: NTFS
- Cluster: Default
No comments:
Post a Comment