Backup Assist encryption questions

This forum is no longer monitored by the BackupAssist support team, but is available to the public to use for assistance with technical issues relating to BackupAssist v7.x.x.

Moderators: michael.jones, casey.burns, Mike D

Backup Assist encryption questions

Postby rmdtech » Mon Nov 24, 2014 1:30 pm

I have a question about encryption for rsync and encryption for backing up to USB drives:

With regards to backing up to USB Drives, my version of Backup Assist V7.4.5 uses Truecrypt to encrypt the data. Is Backup Assist planning on keeping Truecrypt encryption in new releases as I trust Truecrypt (an open source and currently unbreakable encryption) far more than I trust Bitlocker which I believe is developed by Microsoft. Given the collusion between the NSA and Microsoft, I have no confidence in Bitlocker so would not like to see Truecrypt replaced by Bitlocker as Bitlocker is by definition compromised as Microsoft will almost certainly build in backdoors for the NSA which means someone else can exploit the backdoor.
Secondly, the latest version of Truecrypt is 7.1 whereas Backup Assist uses version 6.x for encryption. I would like to suggest that Backup Assist update the Truecrypt version to 7.1 even though Truecrypt is no longer being maintained as that version is the most secure encryption that I am aware of.

With regards to rsync encryption and SSH encryption, if I have understood it correctly, SSH encryption uses AES 256 to encrypt the transmission of the data. I assume that this uses some sort of handshake between the server and the client and is not dependent on a user password. I believe that this is the same encryption used by websites like banking websites to transfer data securely. As such this is secure as its based on industry standard encryption used by https and so on. However with regards to encrypting the actual data, I am uncertain as to exactly what encryption Backup Assist uses to encrypt the actual data on the server and how the password is protected. I can see that the password is stored in the job xml file and is encrypted within that file. What encryption does rsync use and what encryption is used to encrypt the actual password in the xml file. Is it also AES 256. My understand of rsync encryption is that if I forget the password, there is no way to recover the password as even Backup Assist support staff are unable to recover the password which is the most secure form of encryption there is as this means that there is no backdoor for hackers to exploit.

Thank you
Posts: 11
Joined: Sun Jan 12, 2014 11:48 pm

Re: Backup Assist encryption questions

Postby TimN » Tue Nov 25, 2014 10:52 am


It's Tim from BackupAssist.

Unfortunately, as TrueCrypt is no longer maintained, we are not planning to update our TrueCrypt code.

The intention is to add BitLocker support across the BackupAssist backup engines as an alternative to TrueCrypt in future versions of BackupAssist.

With regards to Rsync, we use rsyncrypto to encrypt content for storage at the remote rsync server.

The encryption used is based on AES, and there are more details on the rsyncrypto site at

Storage of the rsync password in BackupAssist configuration also uses AES (Rijndael), although using "Rsync over SSH" avoids the need for BackupAssist to store a password locally (SSH only) and so it may be preferred.

I hope this answers your queries.


Return to Technical Support v7

Who is online

Users browsing this forum: No registered users and 1 guest