Skip to content

Randomize blob to pack file assignment#5295

Merged
MichaelEischer merged 5 commits intorestic:masterfrom
MichaelEischer:randomize-pack-order
Mar 25, 2025
Merged

Randomize blob to pack file assignment#5295
MichaelEischer merged 5 commits intorestic:masterfrom
MichaelEischer:randomize-pack-order

Conversation

@MichaelEischer
Copy link
Copy Markdown
Member

@MichaelEischer MichaelEischer commented Mar 23, 2025
edited
Loading

What does this PR change? What problem does it solve?

Implement mitigation described in #5291 (comment)

However, there is a simpler option to push 2^21/k below 1 (and thereby break the attack). An attacker needs to be able to guess which chunks in a pack file belong to the attacker-known file and which sections of the file they correspond to. Restic currently sequentially assembles all fully processed chunks into a single pack file, which gets uploaded once it's full. To prevent an attacker to guess which chunks of a file are in a given pack file, restic can instead assemble two pack files in parallel and randomly assign chunks to those pack files. This should introduce uncertainty at least on the scale of a chunk size and thereby stop the information leak.

There's one corner case that has to be considered here. A user could backup only a small file that get's split into two chunks. If those end up in individual packs, this would again leak the chunk size. Thus, if two small pack files remain in the end, then those must be merged.

Was the change previously discussed in an issue or on the forum?

See #5291 (comment)

Checklist

  • I have added tests for all code changes.
  • I have added documentation for relevant changes (in the manual).
  • There's a new file in changelog/unreleased/ that describes the changes for our users (see template).
  • I'm done! This pull request is ready for review.

@MichaelEischer
repository: randomly distribute blobs over two pack files
62453f9
@MichaelEischer
repository: merge small pack files before flushing
8d2d50d 
This prevents chunk size leaks when a backup only consists of a small
file which is split in two parts, which end up in two individual pack
files.
rawtaz
rawtaz previously requested changes Mar 24, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@rawtaz rawtaz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Slight documentation change, other than that I have no comments 🍦

@MichaelEischer @rawtaz
tweak changelog
5e519a2 
Co-authored-by: rawtaz <rawtaz@users.noreply.github.com>
MichaelEischer
MichaelEischer commented Mar 25, 2025
View reviewed changes
Copy link
Copy Markdown
Member Author

@MichaelEischer MichaelEischer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@MichaelEischer MichaelEischer merged commit 13cb90b into restic:master Mar 25, 2025
11 checks passed
@github-project-automation github-project-automation bot moved this from In Review to Done in Restic 0.18/0.19 roadmap Mar 25, 2025
@MichaelEischer MichaelEischer deleted the randomize-pack-order branch March 25, 2025 17:13
@BrewTestBot BrewTestBot mentioned this pull request Mar 27, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rawtaz rawtaz rawtaz left review comments

Assignees

No one assigned

Labels

None yet

Projects

Restic 0.18/0.19 roadmap
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MichaelEischer @rawtaz